2002-06-25 04:00:00
mitre
PUBLISHED
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.