CVE-2005-1268
https://notcve.org/view.php?id=CVE-2005-1268
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. Error de fuera-por-uno en la retrollamda de verificación de Lista de Revocación de Certificados (CRL) de mod_ssl para Apache, cuando se configura para usar un CRL, permite a atacantes remotos causar una denegación de servicio (caída de proceso hijo) mediante una CRL que causa un desbordamiento de búfer de un byte nule. • http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://rhn.redhat.com/errata/RHSA-2005-582.html http://secunia.com/advisories/19072 http://secunia.com/advisories/19185 http://securityreason.com/securityalert/604 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.debian.org/security/2005/dsa-805 http://www.mandriva.com/security/advisories?name=MDKSA-2005:129 http:/& • CWE-193: Off-by-one Error •
CVE-2005-2088
https://notcve.org/view.php?id=CVE-2005-2088
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." • http://docs.info.apple.com/article.html?artnum=302847 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3 http://seclists.org/lists/bugtraq/2005/Jun/0025.html http://secunia.com/advisories/14530 http://secunia.com/advisories/17319 http://secunia.com/advisories/17487 http://secunia.com/advisories/17813 http://secunia.com/advisories/19072 http://secunia.com/advisories/19073 http://secunia. • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2005-1344 – Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1344
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. • https://www.exploit-db.com/exploits/25625 https://www.exploit-db.com/exploits/25624 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.lucaercoli.it/advs/htdigest.txt http://www.osvdb.org/12848 http://www.securiteam.com/unixfocus/5EP061FEKC.html http://www.securityfocus.com/bid/13537 •
CVE-2004-2343
https://notcve.org/view.php?id=CVE-2004-2343
Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument • http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15015 •
CVE-2004-1387
https://notcve.org/view.php?id=CVE-2004-1387
The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. • http://lists.debian.org/debian-apache/2005/01/msg00076.html http://secunia.com/advisories/13925 https://exchange.xforce.ibmcloud.com/vulnerabilities/18993 https://usn.ubuntu.com/65-1 •