← Back to CVEs
CVE-2003-1138
N/ADescription
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
CVE Details
CVSS v3.1 ScoreN/A
Published10/27/2003
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0
Affected Products
redhat:interchange
References
http://www.securityfocus.com/archive/1/342578(cve@mitre.org)
http://www.securityfocus.com/bid/8898(cve@mitre.org)
http://www.securityfocus.com/archive/1/342578(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/8898(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.