CVE-2001-0925 : The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview in

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.

Published 2001-03-12 05:00:00

Updated 2021-07-06 16:38:05

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Threat overview for CVE-2001-0925

Top countries where our scanners detected CVE-2001-0925

Top open port discovered on systems with this issue 80

IPs affected by CVE-2001-0925 629

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2001-0925!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2001-0925

Probability of exploitation activity in the next 30 days: 94.79%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-0925

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2001-0925

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2001-0925

Apache 2008-07-02

Fixed in Apache HTTP Server 1.3.19: http://httpd.apache.org/security/vulnerabilities_13.html

References for CVE-2001-0925

http://www.securityfocus.com/archive/1/193081

Exploit;Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/178066

Third Party Advisory;VDB Entry
http://www.debian.org/security/2001/dsa-067

Third Party Advisory
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E

svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_2
Mailing List;Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/6921

Third Party Advisory;VDB Entry
http://www.securityfocus.com/bid/2503

Exploit;Patch;Third Party Advisory;VDB Entry
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-01-27&end=2002-02-02&mid=199857&threads=1

Third Party Advisory;VDB Entry
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E

svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ - Pony Mail
Mailing List;Vendor Advisory

CVEs referencing this url
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E

Pony Mail!
Mailing List;Vendor Advisory

CVEs referencing this url
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-077.php3

Broken Link
http://www.securityfocus.com/archive/1/168497

Third Party Advisory;VDB Entry
http://www.linuxsecurity.com/advisories/other_advisory-1452.html

Third Party Advisory
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E

svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html s
Mailing List;Vendor Advisory

CVEs referencing this url
http://www.apacheweek.com/features/security-13

Apache HTTP Server 1.3 vulnerabilities - The Apache HTTP Server Project
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2001-0925

Debian » Debian Linux » Version: 2.2
cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 1.3.12
cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 1.3.14
cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 1.3.11
cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 1.3.17
cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
Matching versions