CVE-2003-0789

Apache HTTP Server 2.0.35-2.0.47 - Information Disclosure via mod_cgid CGI Redirect Path Handling

Title source: llm
STIX 2.1

Description

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

References (27)

Core 27
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13552
Broken Link vendor-advisory x_refsource_mandrake
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103
Third Party Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000775
Broken Link, Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200310-04.xml
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9504
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/advisories/6079
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8926
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-320.html
Broken Link third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-015.shtml
Issue Tracking, Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106761802305141&w=2
Broken Link, Vendor Advisory x_refsource_confirm
http://apache.secsup.org/dist/httpd/Announcement2.html

Scores

EPSS 0.1151
EPSS Percentile 95.5%

Details

Status published
Products (1)
apache/http_server 2.0.35 - 2.0.48
Published Nov 03, 2003
Tracked Since Feb 18, 2026