CVE-2001-0730

Apache HTTP Server 1.3.20 - Arbitrary File Overwrite via Host Header Slash Injection

Title source: llm
STIX 2.1

Description

split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.

Scores

EPSS 0.1192
EPSS Percentile 95.6%

Details

Status published
Products (1)
apache/http_server 1.3.20
Published Oct 30, 2001
Tracked Since Feb 18, 2026