CVE-2003-0789
Description
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability mechanics
Root cause
"Improper handling of CGI redirect paths in mod_cgid under threaded MPM causes output to be sent to the wrong client."
Attack vector
An attacker can send a request that triggers a CGI redirect path. Under a threaded MPM, `mod_cgid` does not properly associate the CGI redirect response with the correct client connection. This race condition or state confusion can cause the output of a CGI program to be delivered to a different client than the one that made the request, potentially leaking sensitive information.
Affected code
The vulnerability resides in the CGI redirect path handling within `mod_cgid` when Apache uses a threaded MPM. The patch does not directly modify `mod_cgid` source files, but the tag `APACHE_2_0_48` indicates the fix was included in that release. The advisory states the issue is in `mod_cgid`'s handling of CGI redirect paths, which could cause output to be sent to the wrong client.
What the fix does
The patch provided is the tag for Apache 2.0.48, which includes the fix for this vulnerability. The actual code changes that close the vulnerability are not visible in this diff — the patch only shows build system and header file adjustments (removal of `mod_status.h`, minor changes to `mod_rewrite.h` and `mod_proxy.c`). The advisory does not specify the exact code change, but the fix was released in Apache 2.0.48 to properly handle CGI redirect paths in threaded MPM configurations.
Preconditions
- config: Apache must be using a threaded MPM (e.g., worker MPM)
- config: mod_cgid must be enabled
- network: Attacker must be able to send HTTP requests to the server
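The version bound from the description and the two configuration preconditions above can be checked against a server's own build output. The following is an added example, not code from the advisory or from Apache; it assumes the 2.0.x form of `httpd -V` output (MPM recorded as the `APACHE_MPM_DIR` define) and `httpd -l` output, uses constructed sample text, and the function names are illustrative.

```python
import re

# Constructed sample of `httpd -V` output for a 2.0.x build (not from a real host).
SAMPLE_HTTPD_V = '''Server version: Apache/2.0.47
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
'''
# Constructed sample of `httpd -l` output (modules compiled into the binary).
SAMPLE_HTTPD_L = '''Compiled in modules:
  core.c
  worker.c
  http_core.c
  mod_cgid.c
  mod_so.c
'''
FIXED = (2, 0, 48)  # first release carrying the fix, per the CVE description

def parse_version(httpd_v):
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", httpd_v)
    return tuple(map(int, m.groups())) if m else None

def parse_mpm(httpd_v):
    # 2.0.x builds record the MPM as a compile-time define; keep the last path part.
    m = re.search(r'APACHE_MPM_DIR="([^"]+)"', httpd_v)
    return m.group(1).rstrip("/").rsplit("/", 1)[-1] if m else None

def cgid_enabled(httpd_l, config_text=""):
    # mod_cgid is either compiled in or loaded as a DSO with LoadModule.
    static = re.search(r"^\s*mod_cgid\.c\s*$", httpd_l, re.M)
    dso = re.search(r"^\s*LoadModule\s+cgid_module\b", config_text, re.M | re.I)
    return bool(static or dso)

def check_exposure(httpd_v, httpd_l, config_text=""):
    version, mpm = parse_version(httpd_v), parse_mpm(httpd_v)
    if version is None or mpm is None:
        # Unparseable input is reported as undetermined, never as safe.
        return {"exposed": None, "reason": "could not parse version or MPM"}
    result = {
        "version_before_fix": version < FIXED,
        # Assumption: every MPM other than prefork is treated as threaded.
        "threaded_mpm": mpm != "prefork",
        "mod_cgid_enabled": cgid_enabled(httpd_l, config_text),
    }
    result["exposed"] = all(result.values())
    return result

if __name__ == "__main__":
    print(check_exposure(SAMPLE_HTTPD_V, SAMPLE_HTTPD_L))
```

Pass the active configuration text as `config_text` when modules are loaded as DSOs, since `httpd -l` lists only modules compiled into the binary.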
Generated on May 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (27)
- apache.secsup.org/dist/httpd/Announcement2.html (nvd: Broken Link, Vendor Advisory)
- distro.conectiva.com.br/atualizacoes/ (nvd: Third Party Advisory)
- marc.info (nvd: Issue Tracking, Mailing List, Third Party Advisory)
- security.gentoo.org/glsa/glsa-200310-04.xml (nvd: Third Party Advisory)
- www.redhat.com/support/errata/RHSA-2003-320.html (nvd: Third Party Advisory)
- www.securityfocus.com/advisories/6079 (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/8926 (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/9504 (nvd: Third Party Advisory, VDB Entry)
- exchange.xforce.ibmcloud.com/vulnerabilities/13552 (nvd: Third Party Advisory, VDB Entry)
- docs.info.apple.com/article.html (nvd: Broken Link)
- lists.apple.com/archives/security-announce/2004/Jan/msg00000.html (nvd: Broken Link, Mailing List)
- lists.apple.com/mhonarc/security-announce/msg00045.html (nvd: Broken Link)
- www.ciac.org/ciac/bulletins/o-015.shtml (nvd: Broken Link)
- www.mandrakesecure.net/en/advisories/advisory.php (nvd: Broken Link)
- lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E (nvd)