Intrusion PreventionApache.Encoded.Backslash.Path.Traversal
Description
This indicates an exploit attempt against a Directory Traversal vulnerability in Apache Web Server.
This issue is caused by an error when the vulnerable software handles a malicious http requests. It may allow remote attackers gain sensitive information from vulnerable system via a crafted HTTP request.
Affected Products
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.34 -BETA
Apache Software Foundation Apache 2.0.32 -BETA
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28 -BETA
Apache Software Foundation Apache 2.0.28 Beta
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
http://httpd.apache.org/info/security_bulletin_20020809a.txt
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-07-25 | 28.833 |
Modified
|
Name:Apache. Encoded. Backslash. Directory. Traversal:Apache. Encoded. Backslash. Path. Traversal |
| ID | 32366 |
| Created | Aug 08, 2012 |
| Updated | Jul 23, 2024 |
| CVE ID | |
| Risk |
|
| Exploit Prediction Score | 91.31% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, Solaris |
| Affected App | Apache |
| Profile Type | Path Traversal |