CVSS: 7.2EPSS: 0%CPEs: 36EXPL: 0CVE-2003-0542
https://notcve.org/view.php?id=CVE-2003-0542
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. Múltiples desbordamientos de búfer en mod_alias y mod_rewrite de Apache anteriores a 1.3.29, con consecuencias y métodos de ataque desconocidos, relacionados con una expresión regular con más de 9 capturas. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://docs.info.apple.com/article.html?artnum=61798 http://httpd.apache.org/dist/httpd/Announcement2.html http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http://marc.info/? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0789
https://notcve.org/view.php?id=CVE-2003-0789
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. mod_cgid en Apache anteriores a 2.0.48, cuando usan una MPM multihilo, no maneja adecuadamente redirecciones de ruta de CGI, lo que podría causar que Apache enviar la salida de un programa CGI a un cliente equivocado. • http://apache.secsup.org/dist/httpd/Announcement2.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000775 http://docs.info.apple.com/article.html?artnum=61798 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http://marc.info/?l=bugtraq&m=106761802305141&w=2 http://security.gentoo.org/glsa/glsa-200310-04.xml http://www.ciac.org/ciac/bulletins/o-015.shtml http://www.mandrakese •
CVSS: 6.4EPSS: 1%CPEs: 15EXPL: 0CVE-2003-0192
https://notcve.org/view.php?id=CVE-2003-0192
Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. Apache 2 anteriores a 2.0.47, y ciertas versiones de mod_ssl para Apache 1.3, no manejan adecuadamente "ciertas secuencias de re-negociaciones por directorio junto con la directiva SSLCipherSuite siendo usada para mejorar de un nivel de cifrado (ciphersuite) débil a uno fuerte", lo que podría hacer que apache utilizara el nivel de cifrado débil. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt http://marc.info/?l=bugtraq&m=105776593602600&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:075 http://www.redhat.com/support/errata/RHSA-2003-240.html http://www.redhat.com/support/errata/RHSA-2003-243.html http://www.redhat.com/support/errata/RHSA-2003-244.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists&# •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2003-0253
https://notcve.org/view.php?id=CVE-2003-0253
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. El MPM pre-desdoblamiento (prefork) en Apache 2 anteriores a 2.0.47 no maneja apropiadamente ciertos errores de accept(), lo que podría llevar a una denegación de servicio. • http://marc.info/?l=bugtraq&m=105776593602600&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:075 http://www.redhat.com/support/errata/RHSA-2003-240.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E https:&# •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2003-0254
https://notcve.org/view.php?id=CVE-2003-0254
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. Apache 2 anteriores a la 2.0.47, cuando es ejecutado en un sistema IPv6, permite a atacantes causar la Denegación de Servicios (DoS) cuando el servidor proxy FTP falla al crear una conexión IPv6. • http://marc.info/?l=bugtraq&m=105776593602600&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:075 http://www.redhat.com/support/errata/RHSA-2003-240.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E https:&# •