CVE-2007-6514 : Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote att

Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.

Published 2007-12-21 22:46:00

Updated 2018-10-15 21:54:53

Source MITRE

View at NVD, CVE.org

Vulnerability category: Information leak

Threat overview for CVE-2007-6514

Top countries where our scanners detected CVE-2007-6514

Top open port discovered on systems with this issue 80

IPs affected by CVE-2007-6514 6,509

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2007-6514!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2007-6514

Probability of exploitation activity in the next 30 days: 0.61%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6514

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2007-6514

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2007-6514

Red Hat 2008-01-09

Old versions of the Linux 2.4 kernel allowed the lookup of names containing backslashes over smbfs -- so there were multiple names which would reference any particular file, allowing the bypass of Apache controls such as AddType. Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, or 5. This issue was corrected with a backported patch for Red Hat Enterprise Linux 2.1 by RHSA-2007:0672. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6514

References for CVE-2007-6514

Products affected by CVE-2007-6514

Apache » Http Server » Version: 2.2.6
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel