| ID |
CVE-2006-4110
|
| Summary |
Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:apache:http_server:2.0.58:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.58:*:win32:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.2:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:windows:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.3:*:windows:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:windows:*:*:*:*:*
|
| CVSS |
| Base: | 4.3 (as of 17-10-2018 - 21:33) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
| bid | 19447 | | bugtraq | - 20060809 CGI Script Source Code Disclosure Vulnerability in Apache for Windows
- 20060817 Re: Re: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
| | osvdb | 27913 | | secunia | 21490 | | sreason | 1370 | | vupen | ADV-2006-3265 | | xf | apache-modalias-information-disclosure(28357) |
|
| Last major update |
17-10-2018 - 21:33 |
| Published |
14-08-2006 - 20:04 |
| Last modified |
17-10-2018 - 21:33 |
