Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability

Bugtraq ID: 6659
Class: Input Validation Error
CVE: CVE-2003-0016
CVE-2003-0016
Remote: Yes
Local: No
Published: Jan 22 2003 12:00AM
Updated: Jul 12 2009 05:56PM
Credit: This vulnerability was discovered by Matthew Murphy and Lionel Brits.
Vulnerable: Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Not Vulnerable: Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 1.3.27
+ HP HP-UX (VVOS) 11.0 4
+ HP VirtualVault 4.6
+ HP VirtualVault 4.5
+ HP Webproxy 2.0
+ Immunix Immunix OS 7+
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenBSD OpenBSD 3.3
+ OpenPKG OpenPKG Current
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
+ SGI IRIX 6.5.19
Apache Software Foundation Apache 1.3.26
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ OpenPKG OpenPKG 1.1
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
+ OpenBSD OpenBSD 3.1
+ Oracle Oracle HTTP Server 9.2 .0
+ Oracle Oracle HTTP Server 9.0.1
+ Oracle Oracle9i Application Server 9.0.2
+ Oracle Oracle9i Application Server 1.0.2 .2
+ Oracle Oracle9i Application Server 1.0.2 .1s
+ Oracle Oracle9i Application Server 1.0.2
+ Slackware Linux 8.1
+ Unisphere Networks SDX-300 2.0.3
Apache Software Foundation Apache 1.3.23
- IBM AIX 4.3
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1


 

Privacy Statement
Copyright 2010, SecurityFocus