Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-nhr8-n4kg-5qg1
Vulnerability ID VCID-nhr8-n4kg-5qg1
Aliases CVE-2000-0505
Summary A security hole on Apache for Windows allows a user to view the listing of a directory instead of the default HTML page by sending a carefully constructed request.
Status Published
Exploitability 2.0
Weighted Severity 4.8
Risk 9.6
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
epss 0.46366 https://api.first.org/data/v1/epss?cve=CVE-2000-0505
apache_httpd moderate https://httpd.apache.org/security/json/CVE-2000-0505.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2000-0505
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2000-0505
https://exchange.xforce.ibmcloud.com/vulnerabilities/4575
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
http://www.securityfocus.com/bid/1284
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSF.4.20.0006031912360.45740-100000%40alive.znep.com
cpe:2.3:a:apache:http_server:1.3.11:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.11:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.6:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.6:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.9:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.9:*:win32:*:*:*:*:*
cpe:2.3:a:ibm:http_server:1.3.3:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:http_server:1.3.3:*:win32:*:*:*:*:*
cpe:2.3:a:ibm:http_server:1.3.6.2:*:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:http_server:1.3.6.2:*:win32:*:*:*:*:*
CVE-2000-0505 https://httpd.apache.org/security/json/CVE-2000-0505.json
CVE-2000-0505 https://nvd.nist.gov/vuln/detail/CVE-2000-0505
CVE-2000-0505;OSVDB-342 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/19975.pl
CVE-2000-0505;OSVDB-342 Exploit https://www.securityfocus.com/bid/1284/info
Data source Exploit-DB
Date added May 31, 2000
Description Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 - Root Directory Access
Ransomware campaign use Known
Source publication date May 31, 2000
Exploit type remote
Platform windows
Source update date July 20, 2012
Source URL https://www.securityfocus.com/bid/1284/info
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2000-0505
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.97629
EPSS Score 0.46366
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:36:11.296278+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2000-0505.json 38.0.0