Http Server@2.0.60 Security Vulnerabilities and Issues — Http Server@2.0.60 CVE List

Lucene search

ApacheHttp Server2.0.60

7 matches found

CVE•added 2010/03/05 7:30 p.m.•5821 views

CVE-2010-0425

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers...

10CVSS9.4AI score0.876EPSS

CVE•added 2011/12/27 6:55 p.m.•2366 views

CVE-2007-6750

The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.

5CVSS7AI score0.87652EPSS

CVE•added 2011/11/08 11:55 a.m.•1045 views

CVE-2011-4415

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL...

1.2CVSS6AI score0.00677EPSS

CVE•added 2011/10/05 10:55 p.m.•1019 views

CVE-2011-3368

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to i...

5CVSS9.2AI score0.79132EPSS

CVE•added 2011/11/30 4:5 a.m.•796 views

CVE-2011-4317

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which...

4.3CVSS9.4AI score0.8939EPSS

CVE•added 2011/11/08 11:55 a.m.•753 views

CVE-2011-3607

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted ...

4.4CVSS7.7AI score0.00459EPSS

CVE•added 2008/05/13 9:20 p.m.•153 views

CVE-2008-2168

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.

4.3CVSS5.4AI score0.54708EPSS