CVSS: 5.9EPSS: 32%CPEs: 2EXPL: 0CVE-2016-1546 – httpd: mod_http2 denial-of-service by thread starvation
https://notcve.org/view.php?id=CVE-2016-1546
06 Jul 2016 — The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows. El servidor HTTP Apache 2.4.17 y 2.4.18, cuando mod_http2 está activado, no limita el número de trabajadores de flujo simultáneos para una sola conexión HTTP/2, lo que permite a atacantes remotos provocar una denegación de servicio (... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4979 – httpd: X509 client certificate authentication bypass using HTTP/2
https://notcve.org/view.php?id=CVE-2016-4979
05 Jul 2016 — The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation. El servidor HTTP Apache 2.4.18 hasta la versión 2.4.20, cuando mod_http2 y mod_ssl están activados, no reconoce adecuadamente la directiva "SSLVerif... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 0CVE-2015-3184 – subversion: Mixed anonymous/authenticated path-based authz with httpd 2.4
https://notcve.org/view.php?id=CVE-2015-3184
12 Aug 2015 — mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Vulnerabilidad en mod_authz_svn en Apache Subversion 1.7.x en versiones anteriores a 1.7.21 y 1.8.x en versiones anteriores a 1.8.14, al utilizar Apache httpd 2.4.x, no restringe correctamente el acceso anónimo, lo que permite a usuarios anónimos remotos leer archivos ocultos a t... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 8%CPEs: 5EXPL: 0CVE-2015-0253 – httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path
https://notcve.org/view.php?id=CVE-2015-0253
20 Jul 2015 — The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. La función read_request_line en server/protocol.c del Servidor HTTP Apache en su versión 2.4.12 no inicializa el pro... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2015-3185 – httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4
https://notcve.org/view.php?id=CVE-2015-3185
20 Jul 2015 — The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior. Vulnerabilidad en la función ap_some_auth_required en ap_some_auth_required del Servidor HTTP Apache en s... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVSS: 7.3EPSS: 6%CPEs: 2EXPL: 0CVE-2015-3183 – httpd: HTTP request smuggling attack against chunked request parser
https://notcve.org/view.php?id=CVE-2015-3183
20 Jul 2015 — The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. Vulnerabilidad en la implementación de la codificación de transferencia fragmentada en el Servidor HTTP Apache en versiones anteriores a la 2.4.14 no analiza adecuadamente lo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-17: DEPRECATED: Code CWE-20: Improper Input Validation CWE-172: Encoding Error •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0CVE-2015-0228 – httpd: Possible mod_lua crash due to websocket bug
https://notcve.org/view.php?id=CVE-2015-0228
08 Mar 2015 — The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. La función lua_websocket_read en lua_request.c en el módulo mod_lua en Apache HTTP Server hasta 2.4.12 permite a atacantes remotos causar una denegación de servicio (caída del proceso hijo) mediante el envío de un Frame WebSocket... • http://advisories.mageia.org/MGASA-2015-0099.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2014-8109 – Ubuntu Security Notice USN-2523-1
https://notcve.org/view.php?id=CVE-2014-8109
29 Dec 2014 — mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a se... • http://advisories.mageia.org/MGASA-2015-0011.html • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 5%CPEs: 12EXPL: 0CVE-2014-3583 – httpd: mod_proxy_fcgi handle_headers() buffer over read
https://notcve.org/view.php?id=CVE-2014-3583
15 Dec 2014 — The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers. La función handle_headers en mod_proxy_fcgi.c en el módulo mod_proxy_fcgi en Apache HTTP Server 2.4.10 permite a servidores remotoos FastCGI causar una denegación de servicio (sobre lectura de buffer y caída del demonio) a través de cabeceras de respuesta largas. A buffer overflo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 13%CPEs: 31EXPL: 0CVE-2014-3581 – httpd: NULL pointer dereference in mod_cache if Content-Type has empty value
https://notcve.org/view.php?id=CVE-2014-3581
10 Oct 2014 — The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. La función cache_merge_headers_out en modules/cache/cache_util.c en el módulo mod_cache en el servidor Apache HTTP anterior a 2.4.11 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de la apli... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-476: NULL Pointer Dereference •