CVE-2000-0869

Description

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.

Affected products

• apache / http_server1.3.12 – 1.3.12
• SUSE / suse_linux6.0 – 6.0
• SUSE / suse_linux6.1 – 6.1
• SUSE / suse_linux6.1 – 6.1
• SUSE / suse_linux6.2 – 6.2
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux7.0 – 7.0

References

• MISChttp://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5204
• VENDOR_ADVISORYhttp://www.atstake.com/research/advisories/2000/a090700-3.txt
• MISChttp://www.securityfocus.com/bid/1656