Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
Link | Tags |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2001-06/0090.html | mailing list broken link patch vendor advisory |
http://www.securityfocus.com/bid/2852 | patch vendor advisory exploit vdb entry third party advisory broken link |