Lucene search
K

266 matches found

FreeBSD
FreeBSD
added 2004/11/01 12:0 a.m.28 views

apache2 multiple space header denial-of-service vulnerability

It is possible for remote attackers to cause a denial-of-service scenario on Apache 2.0.52 and earlier by sending an HTTP GET request with a MIME header containing multiple lines full of whitespaces...

5CVSS6.5AI score0.55105EPSS
Exploits7References1
Positive Technologies
Positive Technologies
added 2004/10/21 12:0 a.m.4 views

PT-2004-1967 · Apache · Apache +1

Name of the Vulnerable Software and Affected Versions: Apache versions 1.3.x through 1.3.32 Description: The issue is related to a buffer overflow in the get tag function in mod include, which allows local users who can create SSI documents to execute arbitrary code as the apache user. This can b...

7.8CVSS7.9AI score0.0483EPSS
Exploits1References26
UbuntuCve
UbuntuCve
added 2004/10/20 4:0 a.m.32 views

CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service child process crash via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...

5CVSS6AI score0.21769EPSS
Exploits0References1
NVD
NVD
added 2004/10/20 4:0 a.m.19 views

CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service child process crash via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...

5CVSS7.3AI score0.21769EPSS
Exploits0References20
Debian CVE
Debian CVE
added 2004/10/16 4:0 a.m.29 views

CVE-2004-0885

The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...

7.5CVSS6.4AI score0.13835EPSS
Exploits0
Cvelist
Cvelist
added 2004/09/24 4:0 a.m.26 views

CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration...

7.5AI score0.06813EPSS
Exploits1References19
Debian CVE
Debian CVE
added 2004/09/24 4:0 a.m.57 views

CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration...

7.5CVSS6.3AI score0.06813EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/09/24 12:0 a.m.24 views

GLSA-200409-33 : Apache: Exposure of protected directories

The remote host is affected by the vulnerability described in GLSA-200409-33 Apache: Exposure of protected directories A bug in the way Apache handles the Satisfy directive, which is used to require that certain conditions client host, client authentication, etc be met before access to a certain...

7.5CVSS5.5AI score0.06813EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/09/23 12:0 a.m.17 views

Apache < 2.0.52-dev 'Satisfy' Directive Access Control Bypass

Binary data 2309.prm...

7.5CVSS7.3AI score0.06813EPSS
Exploits1References1
Cvelist
Cvelist
added 2004/09/17 4:0 a.m.28 views

CVE-2004-0747

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables...

7.8AI score0.01607EPSS
Exploits0References26
securityvulns
securityvulns
added 2004/09/16 12:0 a.m.43 views

SA04-002 - Apache config file env variable buffer overflow

SITIC Vulnerability Advisory Advisory Name: Apache config file env variable buffer overflow Advisory Reference: SA04-002 Date of initial release: 2004-09-15 Product: Apache 2.0.x Platform: Linux, BSD systems, Unix, Windows Effect: Code execution when processing .htaccess files Vulnerability...

4.6CVSS0.8AI score0.01607EPSS
Exploits0
Exploit DB
Exploit DB
added 2004/09/16 12:0 a.m.42 views

htpasswd Apache 1.3.31 - Local Overflow

!/usr/bin/perl Proof Of Concept exploit for htpasswd of Apache. Read the advisory for more information. - Luiz Fernando Camargo - foxtrotatflowsecurity.org $shellcode = "\x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68"...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/15 12:0 a.m.26 views

Apache < 2.0.51 ${ENVVAR} Local Overflow

Binary data 2290.prm...

7.8CVSS7.3AI score0.21769EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2004/09/15 12:0 a.m.12 views

Apache < 2.0.51 IPv6 Remote Buffer Overflow

Binary data 2292.prm...

7.8CVSS7.3AI score0.69653EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2004/09/15 12:0 a.m.17 views

Apache < 2.0.51 mod_dav DAV LOCK Command Remote DoS

Binary data 2291.prm...

7.5CVSS7.3AI score0.15463EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2004/09/15 12:0 a.m.41 views

apache -- ap_resolve_env buffer overflow

SITIC discovered a vulnerability in Apache 2's handling of environmental variable settings in the httpd configuration files the main httpd.conf' and .htaccess' files. According to a SITIC advisory: The buffer overflow occurs when expanding $ENVVAR constructs in .htaccess or httpd.conf files. The...

7.8CVSS6.8AI score0.01607EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/15 12:0 a.m.36 views

apache -- apr_uri_parse IPv6 address handling vulnerability

The Apache Software Foundation Security Team discovered a programming error in the apr-util library function apruriparse. When parsing IPv6 literal addresses, it is possible that a length is incorrectly calculated to be negative, and this value is passed to memcpy. This may result in an exploitab...

5CVSS6.4AI score0.21769EPSS
Exploits0References1
Cvelist
Cvelist
added 2004/09/10 4:0 a.m.32 views

CVE-2004-0748

modssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service CPU consumption by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop...

7.3AI score0.22307EPSS
Exploits0References20
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.20 views

CVE-2004-0173

Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" dot dot encoded backslash sequences...

6.7AI score0.15763EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.56 views

CVE-2002-1156

Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled...

5CVSS6.5AI score0.1346EPSS
Exploits0
Rows per page
Query Builder