Lucene search
K

52 matches found

RedHat Linux
RedHat Linux
added 2003/10/15 8:18 a.m.2 views

security flaw

Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...

6.4CVSS5.8AI score0.05993EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2002/11/08 11:15 a.m.6 views

security flaw

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...

7.2CVSS5.8AI score0.00944EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2002/11/08 11:15 a.m.5 views

security flaw

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...

7.2CVSS5.8AI score0.00944EPSS
Exploits0References4
Apache Httpd
Apache Httpd
added 2002/10/03 12:0 a.m.28 views

Apache Httpd < 2.0.43 : CGI scripts source revealed using WebDAV

In Apache 2.0.42 only, for a location where both WebDAV and CGI were enabled, a POST request to a CGI script would reveal the CGI source to a remote user...

5CVSS0.1AI score0.1346EPSS
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2002/08/09 12:0 a.m.36 views

Apache 2.0 - Encoded Backslash Directory Traversal

source: https://www.securityfocus.com/bid/5434/info A directory traversal vulnerability exists in Apache versions 2.0.39 and earlier on non-Unix platforms potentially including Apache compiled with CYGWIN. Platforms that may be affected by this include Windows, OS2, and Netware. The issue is...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2002/06/30 3:23 p.m.4 views

security flaw

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size...

7.5CVSS6.2AI score0.95027EPSS
Exploits8References4
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.31 views

CVE-2001-0731

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string...

6.4AI score0.56756EPSS
Exploits0References13
NVD
NVD
added 2002/05/06 4:0 a.m.14 views

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

5CVSS6.5AI score0.12458EPSS
Exploits0References16
securityvulns
securityvulns
added 2001/08/17 12:0 a.m.77 views

[LoWNOISE] Tomcat 3.2.1 ..0 DoS &#40;WinNT&#41;

-- LoWNOISE Aug/2001 -- Jakarta-Tomcat v3.2.1 Maybe Others Tested on: Apache 1.3.19 WinNT 4.0 The Problems: --Path Revealing and Method discovery Example: http://host/index.jsp Error: 500 Location: /index.jsp Internal Servlet Error: org.apache.jasper.JasperException: Unable to compile class for J...

0.1AI score
Exploits0
NVD
NVD
added 2001/03/12 5:0 a.m.18 views

CVE-2001-0131

htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack...

3.3CVSS6.1AI score0.02309EPSS
Exploits0References4
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.26 views

CVE-2000-0869

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method...

6.8AI score0.5095EPSS
Exploits1References4
NVD
NVD
added 2000/10/13 4:0 a.m.19 views

CVE-2000-1204

Vulnerability in the modvhostalias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root...

5CVSS6.8AI score0.10515EPSS
Exploits1References7
Rows per page
Query Builder