CVE-2002-0061

CVSS 7.5 - HIGH
Description

Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.

Affected Products
2
Vendor Product Version
apache http_server All versions
apache http_server All versions
References
http://marc.info/?l=bugtraq&m=101674082427358&w=2
http://online.securityfocus.com/archive/1/263927
http://www.apacheweek.com/issues/02-03-29#apache13...
http://www.iss.net/security_center/static/8589.php
http://www.securityfocus.com/bid/4335
https://lists.apache.org/thread.html/r5419c9ba0951...
https://lists.apache.org/thread.html/r9f93cf6dde30...
https://lists.apache.org/thread.html/rf2f0f3611f93...
https://lists.apache.org/thread.html/rf6449464fd8b...
http://marc.info/?l=bugtraq&m=101674082427358&w=2
http://online.securityfocus.com/archive/1/263927
http://www.apacheweek.com/issues/02-03-29#apache13...
http://www.iss.net/security_center/static/8589.php
http://www.securityfocus.com/bid/4335
https://lists.apache.org/thread.html/r5419c9ba0951...
https://lists.apache.org/thread.html/r9f93cf6dde30...
https://lists.apache.org/thread.html/rf2f0f3611f93...
https://lists.apache.org/thread.html/rf6449464fd8b...
Weakness Types
CWE-78
CVE Information
CVE ID:
CVE-2002-0061
Published:
2002-03-21
Modified:
2026-04-16
CVSS Score:
7.5
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
apache
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL