CVE-2001-0731 Information

Description

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the \M=D\ query string.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20020301-01-P http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:077 http://www.apacheweek.com/issues/01-10-05security http://www.redhat.com/support/errata/RHSA-2001-126.html http://www.redhat.com/support/errata/RHSA-2001-164.html http://www.securityfocus.com/archive/1/20010709214744.A28765@brasscannon.net http://www.securityfocus.com/bid/3009 https://exchange.xforce.ibmcloud.com/vulnerabilities/8275