Endpoint Vulnerability

Apache Httpd - low:AllowOverride Options handling bypass(CVE-2009-1195)

Description

A flaw was found in the handling of the 'Options' and 'AllowOverride' directives. In configurations using the 'AllowOverride' directive with certain 'Options=' arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.

Affected Products

Apache Httpd

References

CVE-2009-1195,