Lucene search
K
HttpdMost viewed

271 matches found

Apache Httpd
Apache Httpd
•added 2016/07/02 12:0 a.m.•140 views

Apache Httpd < 2.4.25 : HTTP_PROXY environment variable "httpoxy" mitigation

HTTPPROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTPPROXY" variable from a "Proxy:" header, which h...

8.1CVSS1AI score0.55724EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2006/05/01 12:0 a.m.•140 views

Apache Httpd < 1.3.35 : Expect header Cross-Site Scripting

A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marke...

4.3CVSS1.2AI score0.94281EPSS
Exploits7Affected Software1
Apache Httpd
Apache Httpd
•added 2017/12/07 12:0 a.m.•137 views

Apache Httpd < 2.4.33 : Out of bound write in mod_authnz_ldap when using too small Accept-Language values

modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two...

7.5CVSS1.4AI score0.18197EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2018/10/16 12:0 a.m.•129 views

Apache Httpd < 2.4.38 : DoS for HTTP/2 connections via slow request bodies

By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...

5.3CVSS1.2AI score0.19404EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2018/01/23 12:0 a.m.•129 views

Apache Httpd < 2.4.33 : Possible out of bound read in mod_cache_socache

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache...

7.5CVSS2.7AI score0.70783EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2017/05/06 12:0 a.m.•126 views

Apache Httpd < 2.4.26 : ap_find_token() Buffer Overread

The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force...

7.5CVSS2AI score0.57472EPSS
Exploits1Affected Software1
Apache Httpd
Apache Httpd
•added 2016/02/10 12:0 a.m.•125 views

Apache Httpd < 2.2.32 : Apache HTTP Request Parsing Whitespace Defects

Apache HTTP Server, prior to release 2.4.25 and 2.2.32, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines...

7.5CVSS7.7AI score0.13252EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/07/24 12:0 a.m.•122 views

Apache Httpd < 2.2.32 : mod_userdir CRLF injection

Possible CRLF injection allowing HTTP response splitting attacks for sites which use moduserdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value...

6.1CVSS1.1AI score0.19798EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2013/12/10 12:0 a.m.•122 views

Apache Httpd < 2.2.27 : mod_dav crash

XML parsing code in moddav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provide...

5CVSS1.2AI score0.26831EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2016/12/05 12:0 a.m.•120 views

Apache Httpd < 2.2.34 : mod_ssl Null Pointer Dereference

modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port...

9.8CVSS0.6AI score0.19953EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2020/04/24 12:0 a.m.•119 views

Apache Httpd < 2.4.44 : Push Diary Crash on Specifically Crafted HTTP/2 Header

In Apache HTTP Server versions 2.4.20 to 2.4.43, a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerabilit...

7.5CVSS8.4AI score0.89744EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2013/03/07 12:0 a.m.•119 views

Apache Httpd < 2.2.25 : mod_dav crash

Sending a MERGE request against a URI handled by moddavsvn with the source href sent as part of the request body as XML pointing to a URI that is not configured for DAV will trigger a segfault...

4.3CVSS0.1AI score0.29484EPSS
Exploits3Affected Software1
Apache Httpd
Apache Httpd
•added 2018/01/23 12:0 a.m.•116 views

Apache Httpd < 2.4.33 : Possible out of bound access after failure in reading the HTTP request

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.33, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode both log and build level...

5.9CVSS2.2AI score0.15564EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2017/11/14 12:0 a.m.•115 views

Apache Httpd < 2.4.33 : Tampering of mod_session data for CGI applications

When modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its data to CGIs, since the prefix...

5.3CVSS0.4AI score0.10118EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/04/12 12:0 a.m.•114 views

Apache Httpd < 2.4.41 : mod_http2, read-after-free in h2 connection shutdown

Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown...

9.1CVSS0.6AI score0.16549EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/04/10 12:0 a.m.•114 views

Apache Httpd < 2.4.41 : mod_http2, memory corruption on early pushes

HTTP/2 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client...

7.5CVSS0.6AI score0.14563EPSS
Exploits1Affected Software1
Apache Httpd
Apache Httpd
•added 2020/09/11 12:0 a.m.•113 views

Apache Httpd < 2.4.48 : mod_proxy_http NULL pointer dereference

Apache HTTP Server versions 2.4.41 to 2.4.46 modproxyhttp can be made to crash NULL pointer dereference with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service...

7.5CVSS8.4AI score0.49089EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/07/24 12:0 a.m.•112 views

Apache Httpd < 2.4.25 : mod_userdir CRLF injection

Possible CRLF injection allowing HTTP response splitting attacks for sites which use moduserdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value...

6.1CVSS1.1AI score0.19798EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2014/02/25 12:0 a.m.•111 views

Apache Httpd < 2.4.9 : mod_log_config crash

A flaw was found in modlogconfig. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM...

5CVSS7.2AI score0.25999EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2017/02/06 12:0 a.m.•110 views

Apache Httpd < 2.2.34 : ap_get_basic_auth_pw() Authentication Bypass

Use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use apgetbasicauthcomponents, available in 2.2.34 and 2.4.26, instead of apgetbasicauthpw. Modules which call the legacy...

9.8CVSS2AI score0.20231EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2012/02/14 12:0 a.m.•110 views

Apache Httpd < 2.4.2 : insecure LD_LIBRARY_PATH handling

Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory...

6.9CVSS1.4AI score0.00946EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2010/02/09 12:0 a.m.•110 views

Apache Httpd < 2.2.15 : mod_isapi module unload flaw

A flaw was found with within modisapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using modisapi, a remote attacker could send a malicious request to trigg...

10CVSS2.8AI score0.94248EPSS
Exploits13Affected Software1
Apache Httpd
Apache Httpd
•added 2015/04/04 12:0 a.m.•109 views

Apache Httpd < 2.4.16 : HTTP request smuggling attack against chunked request parser

An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use...

5CVSS6.2AI score0.73327EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/01/01 12:0 a.m.•108 views

Apache Httpd < 2.4.38 : mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS2.9AI score0.59942EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/07/02 12:0 a.m.•108 views

Apache Httpd < 2.2.32 : HTTP_PROXY environment variable "httpoxy" mitigation

HTTPPROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTPPROXY" variable from a "Proxy:" header, which h...

8.1CVSS1AI score0.55724EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2014/02/19 12:0 a.m.•107 views

Apache Httpd < 2.4.10 : mod_deflate denial of service

A resource consumption flaw was found in moddeflate. If request body decompression was configured using the "DEFLATE" input filter, a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration...

4.3CVSS5.5AI score0.37156EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2001/10/12 12:0 a.m.•107 views

Apache Httpd < 1.3.22 : Multiviews can cause a directory listing to be displayed

A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERYSTRING of M=D could return a directory listing rather than the expected index page...

5CVSS2.3AI score0.56756EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/07/11 12:0 a.m.•104 views

Apache Httpd < 2.4.25 : DoS vulnerability in mod_auth_digest

Malicious input to modauthdigest will cause the server to crash, and each instance continues to crash even for subsequently valid requests...

7.5CVSS0.6AI score0.20952EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2014/11/09 12:0 a.m.•102 views

Apache Httpd < 2.4.12 : mod_lua multiple "Require" directive handling is broken

Fix handling of the Require line in modlua when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected...

4.3CVSS6.9AI score0.22016EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/01/29 12:0 a.m.•101 views

Apache Httpd < 2.4.39 : mod_http2, read-after-free on a string compare

Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparision when determining the method of a request and thus process the request incorrectly...

5.3CVSS1.1AI score0.193EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2014/05/30 12:0 a.m.•101 views

Apache Httpd < 2.4.10 : mod_status buffer overflow

A race condition was found in modstatus. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...

6.8CVSS6.2AI score0.85744EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2013/12/10 12:0 a.m.•100 views

Apache Httpd < 2.4.9 : mod_dav crash

XML parsing code in moddav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provide...

5CVSS1.2AI score0.26831EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2013/09/14 12:0 a.m.•99 views

Apache Httpd < 2.4.7 : mod_cache crash

A NULL pointer dereference was found in modcache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. Note that this vulnerability was fixed in the 2.4.7 release, but the security impact was not disclosed at the time of the release...

4.3CVSS0.11534EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/01/23 12:0 a.m.•98 views

Apache Httpd < 2.4.39 : mod_ssl access control bypass

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions...

7.5CVSS1.7AI score0.10508EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2018/05/08 12:0 a.m.•98 views

Apache Httpd < 2.4.34 : DoS for HTTP/2 connections by crafted requests

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default...

7.5CVSS2.2AI score0.17103EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/04/22 12:0 a.m.•97 views

Apache Httpd < 2.4.48 : NULL pointer dereference on specially crafted HTTP/2 request

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

7.5CVSS1.3AI score0.51208EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2017/06/28 12:0 a.m.•96 views

Apache Httpd < 2.2.34 : Uninitialized memory reflection in mod_auth_digest

The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior...

9.1CVSS3.1AI score0.5677EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/10/13 12:0 a.m.•95 views

Apache Httpd < 2.4.25 : IP address spoofing when proxying using mod_remoteip and mod_rewrite

For configurations using proxying with modremoteip and certain modrewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020...

5.3CVSS1AI score0.06808EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2017/07/12 12:0 a.m.•94 views

Apache Httpd < 2.2.35-never : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")

When an unrecognized HTTP Method is given in an directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusu...

7.5CVSS7.8AI score0.94999EPSS
Exploits9Affected Software1
Apache Httpd
Apache Httpd
•added 2021/10/04 12:0 a.m.•93 views

Apache Httpd < 2.4.50 : null pointer dereference in h2 fuzzing

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...

7.5CVSS2.1AI score0.24982EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/04/14 12:0 a.m.•93 views

Apache Httpd < 2.4.48 : Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS7.5AI score0.52331EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2007/12/12 12:0 a.m.•92 views

Apache Httpd < 2.2.8 : mod_proxy_balancer DoS

A flaw was found in the modproxybalancer module. On sites where modproxybalancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded...

4CVSS0.9AI score0.09951EPSS
Exploits1Affected Software1
Apache Httpd
Apache Httpd
•added 2014/06/16 12:0 a.m.•91 views

Apache Httpd < 2.4.10 : mod_cgid denial of service

A flaw was found in modcgid. If a server using modcgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service...

5CVSS4.9AI score0.43809EPSS
Exploits1Affected Software1
Apache Httpd
Apache Httpd
•added 2014/09/08 12:0 a.m.•89 views

Apache Httpd < 2.4.12 : mod_cache crash with empty Content-Type header

A NULL pointer deference was found in modcache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. This crash would only be a denial of service if using a threaded MPM...

5CVSS5.8AI score0.13451EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2018/01/23 12:0 a.m.•88 views

Apache Httpd < 2.4.33 : Possible write of after free on HTTP/2 stream shutdown

When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the reporter...

5.9CVSS1.6AI score0.13436EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2011/10/04 12:0 a.m.•88 views

Apache Httpd < 2.0.65 : mod_setenvif .htaccess privilege escalation

An integer overflow flaw was found which, when the modsetenvif module is enabled, could allow local users to gain privileges via a .htaccess file...

4.4CVSS3.9AI score0.04716EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2012/07/11 12:0 a.m.•86 views

Apache Httpd < 2.2.24 : XSS due to unescaped hostnames

Various XSS flaws due to unescaped hostnames and URIs HTML output in modinfo, modstatus, modimagemap, modldap, and modproxyftp...

4.3CVSS0.9AI score0.22913EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2014/04/07 12:0 a.m.•85 views

Apache Httpd < 2.4.10 : mod_proxy denial of service

A flaw was found in modproxy in httpd versions 2.4.6 to 2.4.9. A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. This could lead to a denial of service against a threaded MPM...

4.3CVSS6.6AI score0.35543EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2014/02/25 12:0 a.m.•85 views

Apache Httpd < 2.2.27 : mod_log_config crash

A flaw was found in modlogconfig. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM...

5CVSS7.2AI score0.25999EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2006/07/21 12:0 a.m.•84 views

Apache Httpd < 2.0.59 : mod_rewrite off-by-one error

An off-by-one flaw exists in the Rewrite module, modrewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely...

7.6CVSS1.4AI score0.96436EPSS
Exploits20Affected Software1
Total number of security vulnerabilities271