Page 26 of 177 results (0.007 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. • http://www.iss.net/security_center/static/7810.php http://www.securityfocus.com/advisories/3761 http://www.securityfocus.com/bid/3796 •

CVSS: 7.5EPSS: 70%CPEs: 10EXPL: 2

PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string. • https://www.exploit-db.com/exploits/21204 http://www.iss.net/security_center/static/7815.php http://www.securiteam.com/windowsntfocus/5ZP030U60U.html http://www.securityfocus.com/bid/3786 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). • http://marc.info/?l=bugtraq&m=103726020802411&w=2 http://www.iss.net/security_center/static/10628.php http://www.securityfocus.com/bid/6181 •

CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. • http://www.apache.org/dist/httpd/CHANGES_1.3 http://www.iss.net/security_center/static/8629.php http://www.securityfocus.com/bid/4358 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. • https://www.exploit-db.com/exploits/21854 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/generators/mod_cgi.c?r1=1.148.2.7&r2=1.148.2.8 http://issues.apache.org/bugzilla/show_bug.cgi?id=10515 http://issues.apache.org/bugzilla/show_bug.cgi?id=22030 http://marc.info/?l=apache-httpd-dev&m=103291952019514&w=2 http://seclists.org/bugtraq/2002/Sep/0253.html http://securitytracker.com/id? • CWE-667: Improper Locking •