What is the severity of CVE-2000-1205?

The severity of CVE-2000-1205 is considered high due to its potential for cross-site scripting attacks.

How do I fix CVE-2000-1205?

To fix CVE-2000-1205, upgrade Apache HTTP Server to version 1.3.12 or later which includes security patches.

What types of Apache HTTP Server versions are affected by CVE-2000-1205?

CVE-2000-1205 affects Apache HTTP Server versions from 1.3.0 through 1.3.11.

What vulnerability does CVE-2000-1205 exploit?

CVE-2000-1205 exploits cross-site scripting vulnerabilities in the printenv CGI and custom error pages.

Can CVE-2000-1205 affect user data security?

Yes, CVE-2000-1205 can compromise user data security by allowing attackers to execute scripts on behalf of other users.

Vulnerability/
CVE-2000-1205

medium

4.3

CWE

1/2/2000

20/11/2024

CVE-2000-1205: XSS

First published: Tue Feb 01 2000(Updated: )

Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apache Http Server	=1.3.0
Apache Http Server	=1.3.1
Apache Http Server	=1.3.2
Apache Http Server	=1.3.3
Apache Http Server	=1.3.4
Apache Http Server	=1.3.5
Apache Http Server	=1.3.6
Apache Http Server	=1.3.7
Apache Http Server	=1.3.8
Apache Http Server	=1.3.9
Apache Http Server	=1.3.10
Apache Http Server	=1.3.11

Remedy

http://httpd.apache.org/info/css-security/apache_specific.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2000-1205?
The severity of CVE-2000-1205 is considered high due to its potential for cross-site scripting attacks.
How do I fix CVE-2000-1205?
To fix CVE-2000-1205, upgrade Apache HTTP Server to version 1.3.12 or later which includes security patches.
What types of Apache HTTP Server versions are affected by CVE-2000-1205?
CVE-2000-1205 affects Apache HTTP Server versions from 1.3.0 through 1.3.11.
What vulnerability does CVE-2000-1205 exploit?
CVE-2000-1205 exploits cross-site scripting vulnerabilities in the printenv CGI and custom error pages.
Can CVE-2000-1205 affect user data security?
Yes, CVE-2000-1205 can compromise user data security by allowing attackers to execute scripts on behalf of other users.

agent/author
agent/references
agent/type
agent/first-publish-date
agent/severity
agent/remedy
agent/weakness
agent/last-modified-date
agent/description
agent/event
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/nvd-index
agent/softwarecombine
agent/tags
agent/source
vendor/apache
canonical/apache http server
version/apache http server/1.3.10
version/apache http server/1.3.8
version/apache http server/1.3.1
version/apache http server/1.3.5
version/apache http server/1.3.6
version/apache http server/1.3.2
version/apache http server/1.3.4
version/apache http server/1.3.0
version/apache http server/1.3.3
version/apache http server/1.3.9
version/apache http server/1.3.11
version/apache http server/1.3.7