Page 34 of 227 results (0.007 seconds)

CVSS: 5.0EPSS: 90%CPEs: 1EXPL: 3

A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. Vulnerabilidad desconocida en Apache de la 2.0 a la 2.0.44 permite a atacantes remotos causar una Denegación de Servicios significativa. • https://www.exploit-db.com/exploits/11 https://www.exploit-db.com/exploits/9 http://lists.apple.com/mhonarc/security-announce/msg00028.html http://marc.info/?l=bugtraq&m=104931360606484&w=2 http://marc.info/?l=bugtraq&m=104982175321731&w=2 http://marc.info/?l=bugtraq&m=104994239010517&w=2 http://marc.info/?l=bugtraq&m=104994309010974&w=2 http://marc.info/? • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.0EPSS: 1%CPEs: 15EXPL: 0

Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. Vulnerabilidad desconocida en filestat.c de Apache bajo OS2, en versiones de la 2.0 a la 2.0.45, permite a atacantes desconocidos causar la Denegación de Servicios, posiblemente relacionada con un error en la identificación de ficheros no válidos. • http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35 http://marc.info/?l=bugtraq&m=104931360606484&w=2 http://marc.info/?l=bugtraq&m=105418115512559&w=2 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd&# •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. Apache 1.3 anteriores a 1.3.25 y Apache 2.0 anteriores a 2.0.43 y posiblemente posteriores no filtran secuencias de escape de terminal de sus logs de acceso, lo que podría hacer más fácil para atacantes insertar esas secuencias secuencias en emuladores de terminal conteniendo vulnerabilidades relacionadas con secuencias de escape, una vulnerabilidad diferente de CAN-2003-0020. • http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?only_with_tag=APACHE_2_0_BRANCH http://marc.info/?l=bugtraq&m=108024081011678&w=2 http://marc.info/?l=bugtraq&m=108034113406858&w=2 http://secunia.com/advisories/8146 http://www.redhat.com/support/errata/RHSA-2003-139.html https://lists.apache.org/thread.html/54a42d4b01968df111 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. Apache no filtra secuencias de escape de terminales en sus archivos de registro de errores, lo que podría hacer más fácil para atacantes insertar estas secuencias en emuladores de terminal que tengan vulnerabilidades relacionadas con secuencias de escape. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046 http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://marc.info/?l=bugtraq&m=108369640424244&w=2 http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://marc.info/? •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. Apache 2.0 anterior a 2.0.44 en plataformas Windows permite a atacantes remotos obtener determinados ficheros mediante una petición HTTP que termina en ciertos caracteres ilegales como ">", lo cual provoca que se procese y sirva un nombre de archivo diferente. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E https://lists •