Page 40 of 227 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. • http://www.kb.cert.org/vuls/id/913704 http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2 https://exchange.xforce.ibmcloud.com/vulnerabilities/8029 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000430 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:077 http://www.apacheweek.com/issues/01-09-28#security http://www.linuxsecurity.com/advisories/other_advisory-1649.html http://www.redhat.com/support/errata/RHSA-2001-126.html http://www.redhat.com/support/errata/RHSA-2001-164.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7419 https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. • http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.apacheweek.com/issues/01-09-28#security http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/bid/22083 https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f93 •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2

Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. • https://www.exploit-db.com/exploits/20911 http://archives.neohapsis.com/archives/bugtraq/2001-06/0090.html http://www.securityfocus.com/bid/2852 • CWE-178: Improper Handling of Case Sensitivity •

CVSS: 5.0EPSS: 96%CPEs: 1EXPL: 1

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. • https://www.exploit-db.com/exploits/21002 ftp://patches.sgi.com/support/free/security/advisories/20020301-01-P http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:077 http://www.apacheweek.com/issues/01-10-05#security http://www.redhat.com/support/errata/RHSA-2001-126.html http://www.redhat.com/support/errata/RHSA-2001-164.html http://www.securityfocus.com/archive/1/20010709214744.A28765%40brasscannon.net http://www.securityfocus.com/bid/3009 https://exchange.xforce. •