Apache – CVE-2002-0654

Home » Blog » Apache – CVE-2002-0654

Description

Kayran has detected that the Version of Apache being used could be vulnerable and expose the Server’s pathname. Also known as CVE-2002-0654.

This vulnerability allow attackers to determine the full pathname of the server.

That can be done in two ways:

By sending a request for a .var file, which then leaks the pathname in the error message as a response.
By abusing an error message that occurs when a script (child process) cannot be invoked.

That will lead to information being disclosed.

Recommendation

To fix CVE-2002-0654, upgrade the version of Apache HTTP Server being used to 2.0.40 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0654

< Return to all Vulnerabilities

The average hacker shopping list – the CVE

When i take an X-Rey my doctor sits me down and simply “roast” me with stuff like how un-healthy i am, how i should stop

Your SQL got the I(njection)

We’ve talked about it before right? or am i the only one having a Deja-Vu? Or an SQL Injection? No on likes doctors, or needles,

Understanding Attackers

Looking in the Attacker’s eyes – There are many ways we can do it. So when we want to achieve the goal of Understanding Attackers,

A security vulnerability our API hates

As you know, we’ve talked about many different and critical subjects related to application programming and knowing that it is very important to protect them,

Hackers hat shop – The many types of hackers

In our world there are many types of people, people that we trust, those who cannot be trusted, liars, suspicious types, amateur and “Noobs” as

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

WEB APPLICATION VULNERABILITY SCANNER