CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2003-0134
https://notcve.org/view.php?id=CVE-2003-0134
03 Apr 2003 — Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. Vulnerabilidad desconocida en filestat.c de Apache bajo OS2, en versiones de la 2.0 a la 2.0.45, permite a atacantes desconocidos causar la Denegación de Servicios, posiblemente relacionada con un error en la identificación de ficheros no válidos. • http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35 •
CVSS: 7.5EPSS: 89%CPEs: 1EXPL: 3CVE-2003-0132 – Apache 2.0.44 (Linux) - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2003-0132
03 Apr 2003 — A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. Vulnerabilidad desconocida en Apache de la 2.0 a la 2.0.44 permite a atacantes remotos causar una Denegación de Servicios significativa. • https://www.exploit-db.com/exploits/11 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-0083
https://notcve.org/view.php?id=CVE-2003-0083
28 Mar 2003 — Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. Apache 1.3 anteriores a 1.3.25 y Apache 2.0 anteriores a 2.0.43 y posiblemente posteriores no filtran secuencias de escape de terminal de sus logs de acceso, lo que podría hacer más fácil para ... • http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-0020
https://notcve.org/view.php?id=CVE-2003-0020
18 Mar 2003 — Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. Apache no filtra secuencias de escape de terminales en sus archivos de registro de errores, lo que podría hacer más fácil para atacantes insertar estas secuencias en emuladores de terminal que tengan vulnerabilidades relacionadas con secuencias de escape. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html •
CVSS: 9.1EPSS: 12%CPEs: 8EXPL: 0CVE-2003-0016
https://notcve.org/view.php?id=CVE-2003-0016
07 Feb 2003 — Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. Apache anteriores a 2.0.44, cuando corren sobre sistemas operativos Windows 9x y Me, permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediane peticiones HTTP conteniendo nombres de dispositivo de MS-DOS. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2003-0017
https://notcve.org/view.php?id=CVE-2003-0017
07 Feb 2003 — Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. Apache 2.0 anterior a 2.0.44 en plataformas Windows permite a atacantes remotos obtener determinados ficheros mediante una petición HTTP que termina en ciertos caracteres ilegales como ">", lo cual provoca que se procese y sirva un nombre de archivo diferente. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2002-1850 – Apache 2.0.39/40 - Oversized STDERR Buffer Denial of Service
https://notcve.org/view.php?id=CVE-2002-1850
31 Dec 2002 — mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. • https://www.exploit-db.com/exploits/21854 • CWE-667: Improper Locking •
CVSS: 6.8EPSS: 96%CPEs: 47EXPL: 1CVE-2002-0840 – Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0840
11 Oct 2002 — Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157. Vulnerabilidad de comandos en sitios cruzados (cross-site scripting, XSS) en la página de error por defecto en Apache 2.0 antes de 2.0.43, y en 1.3.x hasta 1.3.26, cuando el parámetro... • https://www.exploit-db.com/exploits/21885 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-1156
https://notcve.org/view.php?id=CVE-2002-1156
11 Oct 2002 — Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. Apache 2.0.42 permite a atacanes remotos ver el código fuente de un guión (script) CGI mediante una petición POST a un directorio con WebDAV y CGI activados. • http://online.securityfocus.com/advisories/4617 •
CVSS: 7.5EPSS: 26%CPEs: 10EXPL: 0CVE-2002-1593
https://notcve.org/view.php?id=CVE-2002-1593
25 Sep 2002 — mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module. • http://securitytracker.com/id?1005285 •