• info
• discussion
• exploit
• solution
• references

Apache 2.0 Encoded Backslash Directory Traversal Vulnerability

Solution:
This issue is resolved in Apache 2.0.40:


Apache Software Foundation Apache 2.0.28 -BETA

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.28 Beta

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.28

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.32

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.32 -BETA

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.34 -BETA

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.35

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.36

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.37

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.38

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.39

• Apache Software Foundation Apache httpd 2.0.40
  http://www.apache.org/dist/httpd/