CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2003-0020
https://notcve.org/view.php?id=CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. Apache no filtra secuencias de escape de terminales en sus archivos de registro de errores, lo que podría hacer más fácil para atacantes insertar estas secuencias en emuladores de terminal que tengan vulnerabilidades relacionadas con secuencias de escape. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046 http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://marc.info/?l=bugtraq&m=108369640424244&w=2 http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://marc.info/? •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2003-0017
https://notcve.org/view.php?id=CVE-2003-0017
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. Apache 2.0 anterior a 2.0.44 en plataformas Windows permite a atacantes remotos obtener determinados ficheros mediante una petición HTTP que termina en ciertos caracteres ilegales como ">", lo cual provoca que se procese y sirva un nombre de archivo diferente. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E https://lists •
CVSS: 7.5EPSS: 8%CPEs: 8EXPL: 0CVE-2003-0016
https://notcve.org/view.php?id=CVE-2003-0016
Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. Apache anteriores a 2.0.44, cuando corren sobre sistemas operativos Windows 9x y Me, permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediane peticiones HTTP conteniendo nombres de dispositivo de MS-DOS. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 http://www.apacheweek.com/issues/03-01-24#security http://www.kb.cert.org/vuls/id/825177 http://www.kb.cert.org/vuls/id/979793 http://www.securityfocus.com/bid/6659 https://exchange.xforce.ibmcloud.com/vulnerabilities/11124 https://exchange.xforce.ibmcloud.com/vulnerabilities/11125 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/t •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2002-1850 – Apache 2.0.39/40 - Oversized STDERR Buffer Denial of Service
https://notcve.org/view.php?id=CVE-2002-1850
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. • https://www.exploit-db.com/exploits/21854 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/generators/mod_cgi.c?r1=1.148.2.7&r2=1.148.2.8 http://issues.apache.org/bugzilla/show_bug.cgi?id=10515 http://issues.apache.org/bugzilla/show_bug.cgi?id=22030 http://marc.info/?l=apache-httpd-dev&m=103291952019514&w=2 http://seclists.org/bugtraq/2002/Sep/0253.html http://securitytracker.com/id? • CWE-667: Improper Locking •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1156
https://notcve.org/view.php?id=CVE-2002-1156
Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. Apache 2.0.42 permite a atacanes remotos ver el código fuente de un guión (script) CGI mediante una petición POST a un directorio con WebDAV y CGI activados. • http://online.securityfocus.com/advisories/4617 http://www.apache.org/dist/httpd/CHANGES_2.0 http://www.apacheweek.com/issues/02-10-04 http://www.kb.cert.org/vuls/id/910713 http://www.securityfocus.com/bid/6065 https://exchange.xforce.ibmcloud.com/vulnerabilities/10499 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https& •