Search for vulnerabilities
Vulnerability details: VCID-wvxf-fms8-aaae
Vulnerability ID VCID-wvxf-fms8-aaae
Aliases CVE-2002-0661
Summary Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
Status Published
Exploitability 2.0
Weighted Severity 6.8
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.59156 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.59156 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.59156 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.66031 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.91929 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92056 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92151 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.92238 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
epss 0.95962 https://api.first.org/data/v1/epss?cve=CVE-2002-0661
apache_httpd important https://httpd.apache.org/security/json/CVE-2002-0661.json
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2002-0661
Reference id Reference type URL
http://httpd.apache.org/info/security_bulletin_20020908a.txt
http://marc.info/?l=bugtraq&m=102892744011436&w=2
http://marc.info/?l=bugtraq&m=102951160411052&w=2
https://api.first.org/data/v1/epss?cve=CVE-2002-0661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0661
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
http://www.iss.net/security_center/static/9808.php
http://www.securityfocus.com/bid/5434
cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
CVE-2002-0661 https://httpd.apache.org/security/json/CVE-2002-0661.json
CVE-2002-0661 https://nvd.nist.gov/vuln/detail/CVE-2002-0661
CVE-2002-0661;OSVDB-859 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21697.txt
CVE-2002-0661;OSVDB-859 Exploit https://www.securityfocus.com/bid/5434/info
Data source Exploit-DB
Date added Aug. 9, 2002
Description Apache 2.0 - Encoded Backslash Directory Traversal
Ransomware campaign use Known
Source publication date Aug. 9, 2002
Exploit type remote
Platform windows
Source update date Oct. 3, 2012
Source URL https://www.securityfocus.com/bid/5434/info
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2002-0661
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.97876
EPSS Score 0.59156
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.