Description
Cytrix has detected that the Version of Apache HTTP Server being used might be vulnerable to MS-DOS device name filtering. Also known as CVE-2003-0016.
When using Windows OS’s 9x and ME, Apache didn’t correctly filter the MS-DOS device names. That will lead to attackers initiating Denial of Service (DoS) attacks against your assets.
That will lead to information being disclosed.
This will also enable remote attackers to execute arbitrary code using an HTTP request that contains MS-DOS device names.
There’s a chance that this vulnerability will allow attackers to modify system files and information. Also, it will cause a decrease in performance and interruptions in the availability of resources.
Recommendation
To fix CVE-2003-0016, upgrade the version of Apache HTTP Server being used to 2.0.44.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0016