CVE-2001-1449

Apache HTTP Server < 1.3.19 - Unauthenticated Directory Index Listing

Title source: llm
STIX 2.1

Description

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/8029
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/913704

Scores

EPSS 0.0780
EPSS Percentile 94.0%

Details

Status published
Products (16)
apache/http_server 1.3
apache/http_server 1.3.1
apache/http_server 1.3.3
apache/http_server 1.3.4
apache/http_server 1.3.6
apache/http_server 1.3.9
apache/http_server 1.3.11
apache/http_server 1.3.12
apache/http_server 1.3.14
apache/http_server 1.3.17
... and 6 more
Published Nov 28, 2001
Tracked Since Feb 18, 2026