CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 0CVE-2003-0789
https://notcve.org/view.php?id=CVE-2003-0789
30 Oct 2003 — mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. mod_cgid en Apache anteriores a 2.0.48, cuando usan una MPM multihilo, no maneja adecuadamente redirecciones de ruta de CGI, lo que podría causar que Apache enviar la salida de un programa CGI a un cliente equivocado. • http://apache.secsup.org/dist/httpd/Announcement2.html •
CVSS: 9.8EPSS: 0%CPEs: 36EXPL: 0CVE-2003-0542
https://notcve.org/view.php?id=CVE-2003-0542
30 Oct 2003 — Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. Múltiples desbordamientos de búfer en mod_alias y mod_rewrite de Apache anteriores a 1.3.29, con consecuencias y métodos de ataque desconocidos, relacionados con una expresión regular con más de 9 capturas. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 0CVE-2003-0460
https://notcve.org/view.php?id=CVE-2003-0460
25 Jul 2003 — The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. El programa rotatelogs en Apache anteriores a 1.3.28 para Windows y OS/2, no ignora adecuadamente ciertos caractéres de control que son recibidos por la tubería, lo que podría permitir a atacantes remotos causar una denegación de servicio. • http://www.apache.org/dist/httpd/Announcement.html •
CVSS: 7.5EPSS: 15%CPEs: 15EXPL: 0CVE-2003-0192
https://notcve.org/view.php?id=CVE-2003-0192
10 Jul 2003 — Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. Apache 2 anteriores a 2.0.47, y ciertas versiones de mod_ssl para Apache 1.3, no manejan adecuadamente "ciertas secuencias de re-negociaciones por directorio junto con la directiva SSLCipherSuite siendo usada para m... • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt •
CVSS: 7.5EPSS: 12%CPEs: 15EXPL: 0CVE-2003-0253
https://notcve.org/view.php?id=CVE-2003-0253
10 Jul 2003 — The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. El MPM pre-desdoblamiento (prefork) en Apache 2 anteriores a 2.0.47 no maneja apropiadamente ciertos errores de accept(), lo que podría llevar a una denegación de servicio. • http://marc.info/?l=bugtraq&m=105776593602600&w=2 •
CVSS: 7.5EPSS: 9%CPEs: 15EXPL: 0CVE-2003-0254
https://notcve.org/view.php?id=CVE-2003-0254
10 Jul 2003 — Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. Apache 2 anteriores a la 2.0.47, cuando es ejecutado en un sistema IPv6, permite a atacantes causar la Denegación de Servicios (DoS) cuando el servidor proxy FTP falla al crear una conexión IPv6. • http://marc.info/?l=bugtraq&m=105776593602600&w=2 •
CVSS: 9.8EPSS: 85%CPEs: 9EXPL: 1CVE-2003-0245 – Apache 2.0.45 - 'APR' Crash
https://notcve.org/view.php?id=CVE-2003-0245
30 May 2003 — Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. Vulnerabilidad desconocida en Apache 2.0.37 hasta 2-0-45 permite que atacantes remotos provoquen una denegación de servicio (caída) mediante mod_dav y posiblemente otros vectores. • https://www.exploit-db.com/exploits/38 •
CVSS: 7.5EPSS: 16%CPEs: 6EXPL: 0CVE-2003-0189
https://notcve.org/view.php?id=CVE-2003-0189
30 May 2003 — The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. El módulo de autenticación para Apache 2.0.40 hasta 2.0.45 en Unix no maneja de manera segura los threads cuando usa las funciones crypt_r o crypt, lo que permite que atacantes remotos provoquen una denegación... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000661 •
CVSS: 7.5EPSS: 86%CPEs: 1EXPL: 3CVE-2003-0132 – Apache 2.0.44 (Linux) - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2003-0132
03 Apr 2003 — A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. Vulnerabilidad desconocida en Apache de la 2.0 a la 2.0.44 permite a atacantes remotos causar una Denegación de Servicios significativa. • https://www.exploit-db.com/exploits/11 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 0CVE-2003-0134
https://notcve.org/view.php?id=CVE-2003-0134
03 Apr 2003 — Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. Vulnerabilidad desconocida en filestat.c de Apache bajo OS2, en versiones de la 2.0 a la 2.0.45, permite a atacantes desconocidos causar la Denegación de Servicios, posiblemente relacionada con un error en la identificación de ficheros no válidos. • http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35 •