Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache HTTP Server 授权问题漏洞
Vulnerability Description
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 1.3.11版本到1.3.20版本存在授权问题漏洞,该漏洞源于mod_usertrack通过使用含主机IP地址、系统时间和服务器进程ID的可预言信息产生会话ID,本地用户可以在这些会话ID用于认证时获得会话ID's以及绕过认证。
CVSS Information
N/A
Vulnerability Type
N/A