CVE-2001-1072

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/08/2001
Last modified:
03/04/2025

Description

Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*