Page 11 of 95 results (0.011 seconds)

CVSS: 7.5EPSS: 37%CPEs: 1EXPL: 0

Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." Apache anteriores 2.0.49, cuando usa múltiples sockets en escucha en ciertas plataformas, permite a atacantes remotos causar una denegación de servicio (bloqueo de nuevas conexiones) mediante una "conexión de vida corta en un socket en escucha raramente accedido. • http://marc.info/?l=bugtraq&m=107973894328806&w=2 http://marc.info/?l=bugtraq&m=108066914830552&w=2 http://marc.info/?l=bugtraq&m=108369640424244&w=2 http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://marc.info/? • CWE-667: Improper Locking •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. mod_digest de Apache no verifica adecuadamente el nonce de una respuesta de cliente usando un secreto AuthNonce. • http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://security.gentoo.org/glsa/glsa-200405-22.xml http://securitytracker.com/id?1008920 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/9571 http://www.securitytracker.com/alerts/2004/Dec/1012414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18347 •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). • http://www.openbsd.org/errata32.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/6939 http://www.securityfocus.com/bid/6943 https://exchange.xforce.ibmcloud.com/vulnerabilities/11438 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 36EXPL: 0

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. Múltiples desbordamientos de búfer en mod_alias y mod_rewrite de Apache anteriores a 1.3.29, con consecuencias y métodos de ataque desconocidos, relacionados con una expresión regular con más de 9 capturas. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://docs.info.apple.com/article.html?artnum=61798 http://httpd.apache.org/dist/httpd/Announcement2.html http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http://marc.info/? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •