CVE-2003-1418

MEDIUM

Description

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).

References

http://www.openbsd.org/errata32.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.securityfocus.com/bid/6939

http://www.securityfocus.com/bid/6943

https://exchange.xforce.ibmcloud.com/vulnerabilities/11438

Details

Source: MITRE

Published: 2003-12-31

Updated: 2017-10-20

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM