Apache – CVE-2002-1592

Description

Kayran has detected that the “ap_log_rerror” function in the version of Apache being used returns warning messages to end users. Also known as CVE-2002-1592.

These messages are being returned in addition to being recorded in the error log.
These error messages could include the full path for the server.

Remote attackers might abuse it to obtain sensitive information and initiate attacks against it.

Recommendation

To prevent CVE-2002-1592, update the version of the Apache httpd being used to 2.0.36 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1592

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »