Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

47 matches found

Cvelist
Cvelistadded 2014/04/15 10:0 a.m.32 views

CVE-2013-5704

The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...

4.8AI score0.65044EPSS
Exploits2References47
CVE
CVEadded 2014/04/15 10:0 a.m.896 views

CVE-2013-5704

CVE-2013-5704 concerns the Apache HTTP Server mod_headers trailer-header bypass vulnerability. The issue arises when a client places headers in the trailer portion of a chunked request, potentially bypassing RequestHeader unset directives and allowing header manipulation after header processing. ...

5CVSS5.7AI score0.65044EPSS
Exploits2References47Affected Software1
Debian CVE
Debian CVEadded 2014/04/15 10:0 a.m.41 views

CVE-2013-5704

The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...

5CVSS6.1AI score0.65044EPSS
Exploits2
seebug.org
seebug.orgadded 2014/04/04 12:0 a.m.711 views

ModSecurity 'mod_headers'模块安全限制绕过漏洞

Bugtraq ID:66550 CVE ID:CVE-2013-5704 ModSecurity是Web应用服务器。 ModSecurity在实现上存在安全限制绕过漏洞,成功利用后可使攻击者绕过过滤规则。 0 modsecurity 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://sourceforge.net/projects/mod-security/...

5CVSS6.1AI score0.65044EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2010/07/01 12:0 a.m.74 views

Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)

The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...

9.8CVSS7.7AI score0.32487EPSS
Exploits15References7
Apache Httpd
Apache Httpdadded 2009/12/09 12:0 a.m.45 views

Apache Httpd < 2.2.15 : Subrequest handling of request headers (mod_headers)

A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headersin array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as modheaders which may manipulate the inp...

4.3CVSS1.1AI score0.0539EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpdadded 2009/12/09 12:0 a.m.34 views

Apache Httpd < 2.0.64 : Subrequest handling of request headers (mod_headers)

A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headersin array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as modheaders which may manipulate the inp...

4.3CVSS1.1AI score0.0539EPSS
Exploits2Affected Software1
Rows per page
Query Builder