VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.91312	https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss	0.91312	https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss	0.91312	https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss	0.91312	https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss	0.91312	https://api.first.org/data/v1/epss?cve=CVE-2002-0661
apache_httpd	important	https://httpd.apache.org/security/json/CVE-2002-0661.json
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2002-0661

System

Score

Found at

epss

0.91312

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

epss

0.91312

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

epss

0.91312

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

epss

0.91312

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

epss

0.91312

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

apache_httpd

important

https://httpd.apache.org/security/json/CVE-2002-0661.json

cvssv2

7.5

https://nvd.nist.gov/vuln/detail/CVE-2002-0661

Reference id	Reference type	URL
		http://httpd.apache.org/info/security_bulletin_20020908a.txt
		http://marc.info/?l=bugtraq&m=102892744011436&w=2
		http://marc.info/?l=bugtraq&m=102951160411052&w=2
		https://api.first.org/data/v1/epss?cve=CVE-2002-0661
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0661
		https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E
		https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
		http://www.iss.net/security_center/static/9808.php
		http://www.securityfocus.com/bid/5434
cpe:2.3:a:apache:http_server:2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:::::::*
cpe:2.3:a:apache:http_server:2.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:::::::*
cpe:2.3:a:apache:http_server:2.0.28:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta::::::
cpe:2.3:a:apache:http_server:2.0.28:beta:win32:::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:::::*
cpe:2.3:a:apache:http_server:2.0.32:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:::::::*
cpe:2.3:a:apache:http_server:2.0.32:beta:win32:::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:::::*
cpe:2.3:a:apache:http_server:2.0.34:beta:win32:::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:::::*
cpe:2.3:a:apache:http_server:2.0.35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:::::::*
cpe:2.3:a:apache:http_server:2.0.36:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:::::::*
cpe:2.3:a:apache:http_server:2.0.37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:::::::*
cpe:2.3:a:apache:http_server:2.0.38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:::::::*
cpe:2.3:a:apache:http_server:2.0.39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:::::::*
CVE-2002-0661		https://httpd.apache.org/security/json/CVE-2002-0661.json
CVE-2002-0661		https://nvd.nist.gov/vuln/detail/CVE-2002-0661
CVE-2002-0661;OSVDB-859	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21697.txt
CVE-2002-0661;OSVDB-859	Exploit	https://www.securityfocus.com/bid/5434/info

Reference id

Reference type

URL

http://httpd.apache.org/info/security_bulletin_20020908a.txt

http://marc.info/?l=bugtraq&m=102892744011436&w=2

http://marc.info/?l=bugtraq&m=102951160411052&w=2

https://api.first.org/data/v1/epss?cve=CVE-2002-0661

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0661

https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

http://www.iss.net/security_center/static/9808.php

http://www.securityfocus.com/bid/5434

cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*

CVE-2002-0661

https://httpd.apache.org/security/json/CVE-2002-0661.json

CVE-2002-0661

https://nvd.nist.gov/vuln/detail/CVE-2002-0661

CVE-2002-0661;OSVDB-859

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21697.txt

CVE-2002-0661;OSVDB-859

Exploit

https://www.securityfocus.com/bid/5434/info

Data source	Exploit-DB
Date added	Aug. 9, 2002
Description	Apache 2.0 - Encoded Backslash Directory Traversal
Ransomware campaign use	Known
Source publication date	Aug. 9, 2002
Exploit type	remote
Platform	windows
Source update date	Oct. 3, 2012
Source URL	https://www.securityfocus.com/bid/5434/info

Exploit-DB

Aug. 9, 2002

Apache 2.0 - Encoded Backslash Directory Traversal

Known

Aug. 9, 2002

remote

windows

Oct. 3, 2012

https://www.securityfocus.com/bid/5434/info

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:36:11.611828+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2002-0661.json	38.0.0

2026-04-01T12:36:11.611828+00:00

Apache HTTPD Importer

Import

https://httpd.apache.org/security/json/CVE-2002-0661.json

38.0.0

Vulnerability ID	VCID-cgqk-f3fx-sfe9
Aliases	CVE-2002-0661
Summary	Certain URIs would bypass security and allow users to invoke or access any file depending on the system configuration. Affects Windows, OS2, Netware and Cygwin platforms only.
Status	Published
Exploitability	2.0
Weighted Severity	6.8
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.99651
EPSS Score	0.91312
Published At	April 2, 2026, 12:55 p.m.