Page 26 of 181 results (0.006 seconds)

CVSS: 7.5EPSS: 8%CPEs: 8EXPL: 0

Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. Apache anteriores a 2.0.44, cuando corren sobre sistemas operativos Windows 9x y Me, permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediane peticiones HTTP conteniendo nombres de dispositivo de MS-DOS. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 http://www.apacheweek.com/issues/03-01-24#security http://www.kb.cert.org/vuls/id/825177 http://www.kb.cert.org/vuls/id/979793 http://www.securityfocus.com/bid/6659 https://exchange.xforce.ibmcloud.com/vulnerabilities/11124 https://exchange.xforce.ibmcloud.com/vulnerabilities/11125 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/t •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 5

Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. • https://www.exploit-db.com/exploits/22063 https://www.exploit-db.com/exploits/22064 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0083.html http://cert.uni-stuttgart.de/archive/bugtraq/2002/11/msg00306.html http://www.iss.net/security_center/static/10672.php http://www.securityfocus.com/bid/6308 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.6EPSS: 0%CPEs: 18EXPL: 1

Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. • http://marc.info/?l=bugtraq&m=103480856102007&w=2 http://www.securityfocus.com/bid/5993 https://exchange.xforce.ibmcloud.com/vulnerabilities/10414 https://sardonix.org/audit/apache-45.html •

CVSS: 7.8EPSS: 1%CPEs: 36EXPL: 2

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. • https://www.exploit-db.com/exploits/22068 http://archives.neohapsis.com/archives/bugtraq/2002-12/0045.html http://www.securityfocus.com/bid/6320 https://exchange.xforce.ibmcloud.com/vulnerabilities/10771 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. • http://www.iss.net/security_center/static/7810.php http://www.securityfocus.com/advisories/3761 http://www.securityfocus.com/bid/3796 •