CVE-2002-1592

EPSS 5.5%

Published: 5/6/2002Modified: 4/28/2026

Description

The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.

Affected packages (1)

Debian/apache2from 0, < 2.0.36

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2002-1592