CVE-2003-0254

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...

DEBIAN-CVE-2003-0254

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...

Apache 1.3.x mod_mylo - Remote Code Execution

Apache 1.3.x modmylo - Remote Code Execution / Apache + modmylo remote exploit By Carl Livitt / July 2003 carllivitt at hush dot com Public release - Linux and FreeBSD targets. / include include include include include include include include include include include include include include define...

Apache 1.3.x mod_mylo Remote Code Execution Exploit

No description provided by source. / Apache + modmylo remote exploit By Carl Livitt / July 2003 carllivitt at hush dot com Public release - Linux and FreeBSD targets. / include sys/types.h include sys/stat.h include sys/socket.h include net/if.h include netinet/in.h include netinet/tcp.h include...

CVE-2003-0460

Apache rotatelogs vulnerability CVE-2003-0460 affects Apache 1.3.x before 1.3.28 on Windows/OS/2, where rotatelogs does not ignore certain control characters received over the pipe, potentially allowing remote attackers to cause a denial of service. Documents from NVD and CERT note that this coul...

CVE-2003-0253

CVE-2003-0253 affects Apache 2.x with the prefork MPM before 2.0.47. A bug in handling accept() errors on rarely accessed ports could cause a temporary denial of service. The available connected documents consistently describe this as a DoS issue tied to the prefork MPM; remediation involves upgr...

CVE-2003-0254

CVE-2003-0254 affects Apache 2.x before 2.0.47. When running on an IPv6 host, the FTP proxy component may fail to create an IPv6 socket, triggering a Denial of Service via an infinite loop. Public advisories reference Apache HTTP Server vulnerabilities and note this can be exploited by remote act...

CVE-2003-0192

CVE-2003-0192 describes an issue in Apache 2.x before 2.0.47 (and mod_ssl for Apache 1.3) where certain sequences of per-directory renegotiations combined with using SSLCipherSuite to upgrade a weak cipher could cause the server to continue using a weak cipher. The connected advisories confirm af...

security flaw

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

DEBIAN-CVE-2003-0189

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the cryptr or crypt functions, which allows remote attackers to cause a denial of service failed Basic authentication with valid usernames and passwords when a threaded MPM is use...

CVE-2003-0189

CVE-2003-0189 detail (from connected documents): The Apache HTTP Server 2.0.40–2.0.45 on Unix platforms fails to handle thread safety in the apr_password_validate() path when crypt_r/crypt is used, enabling remote attackers to trigger a denial-of-service by breaking Basic Authentication under a t...

CVE-2003-0245

CVE-2003-0245 concerns a vulnerability in the APR library (apr_psprintf) used by Apache 2.0.x, reported for versions 2.0.37–2.0.45. The flaw can crash the server and, in some cases, enable arbitrary code execution when triggered by long strings (notably via mod_dav) and potentially other vectors....

Webfroot Shoutbox 2.32 (Apache) - Local File Inclusion Remote Code Execution

Webfroot Shoutbox 2.32 Apache - Local File Inclusion Remote Code Execution !/usr/bin/perl Webfroot Shoutbox ';fclose$h;? HTTP/1.1\nHost: 127.0.0.1\nConnection: Close\n\n"; my $conn; if $ARGV0 eq "x" || $ARGV0 eq "r" $type = $ARGV0; else print "x Webfroot Shoutbox 2.32 on apache exploit \n\n";...

Webfroot Shoutbox < 2.32 (Apache) - Local File Inclusion / Remote Code Execution

!/usr/bin/perl Webfroot Shoutbox ';fclose$h;? HTTP/1.1\nHost: 127.0.0.1\nConnection: Close\n\n"; my $conn; if $ARGV0 eq "x" || $ARGV0 eq "r" $type = $ARGV0; else print "x Webfroot Shoutbox 2.32 on apache exploit \n\n"; print "Usage: \n Webfroot.pl x|r host command path port\n"; print "\ttype\tx =...

Apache 2.0.x < 2.0.46 Multiple DoS

The remote host appears to be running a version of Apache 2.0.x that is prior to 2.0.46. It is, therefore, affected by multiple denial of service vulnerabilities : - There is a denial of service vulnerability that may allow an attacker to disable basic authentication on this host. - There is a...

DEBIAN-CVE-2003-0134

Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names...

DEBIAN-CVE-2003-0132

A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service memory consumption via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed...

Apache DoS

Memory leak on request with large number of line feeds...

CVE-2003-0132

CVE-2003-0132: Apache 2.0 up to 2.0.44 is vulnerable to a memory-leak DoS via large sequences of linefeed characters. The issue arises because Apache may allocate memory (about 80 bytes per linefeed), enabling remote denial-of-service. OpenVAS entries summarize the vulnerability as a linefeed mem...

CVE-2003-0134

CVE-2003-0134 concerns Apache on OS/2 (versions 2.0–2.0.45) with a Denial of Service vulnerability in filestat.c related to device-name handling. Public details indicate the flaw could be triggered by specific requests involving device names, causing the running OS/2 worker process to fault. The ...