Page 28 of 227 results (0.007 seconds)

CVSS: 5.0EPSS: 96%CPEs: 1EXPL: 1

CVE-2004-0942 – Apache 2.0.52 - GET Denial of Service

https://notcve.org/view.php?id=CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters. • https://www.exploit-db.com/exploits/855 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html http://marc.info/?l=bugtraq&m=110384374213596&w=2 http://secunia.com/advisories/19072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm ht •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 3

CVE-2004-0940 – Apache 1.3.31 mod_include - Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. • https://www.exploit-db.com/exploits/587 https://www.exploit-db.com/exploits/24694 http://marc.info/?l=bugtraq&m=109906660225051&w=2 http://secunia.com/advisories/12898 http://secunia.com/advisories/19073 http://securitytracker.com/id?1011783 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.apacheweek.com/features/security-13 http://www.debian.org/security/2004/dsa-594 http:/& • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

CVE-2004-0885 – mod_ssl SSLCipherSuite bypass

https://notcve.org/view.php?id=CVE-2004-0885

The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. El módulo mod_ssl en Apache 2.0.35 a 2.0.52, cuando se usa la "SSLCipherSuite" en contexto de directorio o lugar, permite a clientes remotos evitar las restricciones pretendidas usando cualquier conjunto de cifrado que sea permitido por la configuración de servidor (host) virtual. • http://issues.apache.org/bugzilla/show_bug.cgi?id=31505 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=109786159119069&w=2 http://secunia.com/advisories/19072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.apacheweek.com/features/security-20 http://www&# •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2004-0811

https://notcve.org/view.php?id=CVE-2004-0811

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration. • http://fedoranews.org/updates/FEDORA-2004-313.shtml http://security.gentoo.org/glsa/glsa-200409-33.xml http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch http://www.apacheweek.com/features/security-20 http://www.securityfocus.com/bid/11239 http://www.trustix.org/errata/2004/0049 https://exchange.xforce.ibmcloud.com/vulnerabilities/17473 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https:/ •

CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 1

CVE-2004-0809

https://notcve.org/view.php?id=CVE-2004-0809

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. • http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33 http://www.debian.org/security/2004/dsa-558 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.redhat.com/support/errata/RHSA-2004-463.html http://www.trustix.org/errata/2004/0047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17366 https://lists.apache.org/thread.html/54a42d4b01968df11 •