CVE-2004-0492 – httpd mod_proxy buffer overflow
https://notcve.org/view.php?id=CVE-2004-0492
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. Desbordamiento de búfer basado en el montón en proxy_util.c de mod_proxy en Apache 1.3.25 a 1.3.31 permite a atacantes remotos causar un denegación de servicio (caída del proceso) y posiblemente ejecutar código de su elección mediante un campo de cabecera HTTP Content-Length negativo, lo que causa que una gran cantidad de datos sean copiados. • ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://marc.info/?l=bugtraq&m=108711172710140&w=2 http://marc.info/?l=bugtraq&m=130497311408250&w=2 http://rhn.redhat.com/errata/RHSA-2004-245.html http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html http://secunia.com/advisories/11841 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 http://sunsolve.s •
CVE-2004-1082
https://notcve.org/view.php?id=CVE-2004-1082
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/9571 http://www.securitytracker.com/alerts/2004/Dec/1012414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18347 •
CVE-2002-1822
https://notcve.org/view.php?id=CVE-2002-1822
IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). • http://marc.info/?l=bugtraq&m=103726020802411&w=2 http://www.iss.net/security_center/static/10628.php http://www.securityfocus.com/bid/6181 •
CVE-2000-1202
https://notcve.org/view.php?id=CVE-2000-1202
ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. • http://www.securityfocus.com/archive/1/54073 http://www.securityfocus.com/bid/1092 https://exchange.xforce.ibmcloud.com/vulnerabilities/4235 •
CVE-2001-0122 – IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data Denial of Service
https://notcve.org/view.php?id=CVE-2001-0122
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. • https://www.exploit-db.com/exploits/20531 http://archives.neohapsis.com/archives/bugtraq/2001-01/0079.html http://archives.neohapsis.com/archives/bugtraq/2001-03/0061.html http://www-4.ibm.com/software/webservers/security.html http://www.securityfocus.com/bid/2175 https://exchange.xforce.ibmcloud.com/vulnerabilities/5900 •