Apache – CVE-2002-0654

Description

Kayran has detected that the Version of Apache being used could be vulnerable and expose the Server’s pathname. Also known as CVE-2002-0654.

This vulnerability allow attackers to determine the full pathname of the server.

That can be done in two ways:

  1. By sending a request for a .var file, which then leaks the pathname in the error message as a response.
  2. By abusing an error message that occurs when a script (child process) cannot be invoked.

That will lead to information being disclosed.

Recommendation

To fix CVE-2002-0654, upgrade the version of Apache HTTP Server being used to 2.0.40 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0654

< Return to all Vulnerabilities

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »