Page 20 of 103 results (0.017 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. • http://www.apacheweek.com/issues/00-01-07#status https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/ •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. • http://marc.info/?l=bugtraq&m=90252779826784&w=2 http://marc.info/?l=bugtraq&m=90276683825862&w=2 http://marc.info/?l=bugtraq&m=90280517007869&w=2 http://marc.info/?l=bugtraq&m=90286768232093&w=2 http://www.redhat.com/support/errata/rh51-errata-general.html#apache https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 1

Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. • https://www.exploit-db.com/exploits/20558 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. • http://marc.info/?l=bugtraq&m=87602880019796&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071 •