Unrated severityNVD Advisory· Published Apr 15, 2004· Updated Jun 16, 2026
CVE-2004-0173
CVE-2004-0173
Description
Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/9733nvdExploitPatchVendor Advisory
- issues.apache.org/bugzilla/show_bug.cginvd
- lists.grok.org.uk/pipermail/full-disclosure/2004-February/017740.htmlnvd
- marc.infonvd
- secunia.com/advisories/10962nvd
- www.apacheweek.com/issues/04-03-12nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15293nvd
News mentions
0No linked articles in our index yet.