← CVECheck
HomeVulnerabilities

CVE-2001-0925 — MEDIUM severity vulnerability (The default installation of Apache before 1.3.19 allows remo)

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.

CVE IDCVE-2001-0925
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWECWE-22
StatusModified
Published2001-03-12
Last modified2026-04-16
DescriptionThe default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →