- Home
- CVEs with nessus.description==It was discovered that the Apache web server did not properly handle the 'Options=' parameter to the AllowOverride directive :
- In the stable distribution (lenny), local users could (via .htaccess) enable script execution in Server Side Includes even in configurations where the AllowOverride directive contained only Options=IncludesNoEXEC.
- In the oldstable distribution (etch), local users could (via .htaccess) enable script execution in Server Side Includes and CGI script execution in configurations where the AllowOverride directive contained any 'Options=' value.
The oldstable distribution (etch), this problem has been fixed in version 2.2.3-4 etch8.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top