CVE-2002-0240
Apache HTTP Server - Information Disclosure via HTTP OPTIONS Method
Title source: llmDescription
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
References (3)
Core 3
Core References
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4057
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101311746611160&w=2
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8119.php
Scores
EPSS
0.0778
EPSS Percentile
94.0%
Details
Status
published
Products (1)
apache/http_server
2.0.28 beta
Published
May 29, 2002
Tracked Since
Feb 18, 2026