Lucene search
K

6 matches found

CVE
CVE
added 2006/07/28 6:0 p.m.457 views

CVE-2006-3747

CVE-2006-3747 describes an off-by-one error in the LDAP scheme handling of Apache’s mod_rewrite. The issue affects Apache versions with RewriteEngine enabled and certain LDAP URL rules, allowing remote attackers to trigger a denial of service and potentially execute arbitrary code. Affected range...

7.6CVSS9.7AI score0.96436EPSS
CVE
CVE
added 2006/07/28 12:0 a.m.264 views

CVE-2006-3918

CVE-2006-3918 is an Apache HTTP Server/IBM HTTP Server issue where the HTTP Expect header is not sanitized when echoed back in error messages, enabling potential cross-site scripting via headers (as demonstrated with Flash/other clients). Affected products and versions include Apache HTTP Server ...

4.3CVSS7AI score0.94926EPSS
CVE
CVE
added 2006/10/16 7:0 p.m.196 views

CVE-2006-4154

CVE-2006-4154 describes a format-string vulnerability in the Apache mod_tcl module (version 1.0 for Apache 2.x). The root cause is format string handling in calls to set_var (in tcl_cmds.c and tcl_core.c), allowing a remote attacker to execute arbitrary code with the httpd process privileges. Aff...

6.8CVSS7.3AI score0.15858EPSS
CVE
CVE
added 2006/08/14 8:0 p.m.161 views

CVE-2006-4110

CVE-2006-4110 affects Apache 2.2.2 running on Windows. An information-disclosure vulnerability arises when the CGI directory is within the document root: requests that alter the case of the directory name bypass the ScriptAlias handler on a case-insensitive filesystem, allowing attackers to read ...

4.3CVSS6.8AI score0.3938EPSS
CVE
CVE
added 2006/01/06 11:0 p.m.123 views

CVE-2005-3357

CVE-2005-3357 affects mod_ssl in Apache 2.0 up to 2.0.55; when using an SSL vhost with access control and a custom 400 error page, a non-SSL request to an SSL port can trigger a NULL pointer dereference, causing a denial of service. Remediation/version is not specified in the provided documents.

5.4CVSS6.1AI score0.24286EPSS
CVE
CVE
added 2006/10/23 5:0 p.m.91 views

CVE-2003-1307

Summary: CVE-2003-1307 affects the mod_php module of the Apache HTTP Server. Vulnerability: Local users with write access to PHP scripts can signal the server’s process group and manipulate server file descriptors, demonstrated by sending a STOP signal and intercepting connections on the server’s...

4.3CVSS6.4AI score0.01603EPSS