CVE-2000-1206 - Stringendo Move

Description

Vulnerability in Apache httpd before 1.3.11 when configured for mass virtual hosting using mod_rewrite or mod_vhost_alias in Apache 1.3.9 allows remote attackers to retrieve arbitrary files.

Reference

http://www.apacheweek.com/issues/00-01-07#status https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E