Page 40 of 233 results (0.019 seconds)

CVSS: 5.0EPSS: 8%CPEs: 1EXPL: 0

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool. Las reglas de procesado de IPv6 en la biblioteca apr-util de Apache 2.0.50 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de proceso hijo) mediante una cierta URI, como se ha demostrado utilizando la herramienta de pruebas HTTP Codenomicon. • http://secunia.com/advisories/12540 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.novell.com/linux/security/advisories/2004_32_apache2.html http://www.redhat.com/support/errata/RHSA-2004-463.html http://www.trustix.org/errata/2004/0047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17382 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.a •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. Desbordamiento de búfer en Apache 2.0.50 y anteriores permite a usuarios locales ganar privilegios mediante un fichero .htaccess que causa un desbordamiento durante la expansión de variables de entorno. • http://secunia.com/advisories/12540 http://secunia.com/advisories/34920 http://securitytracker.com/id?1011303 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.kb.cert.org/vuls/id/481998 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.novell.com/linux/security/advisories/2004_32_apache2.html http://www.redhat.com/support/errata/RHSA-2004-463.htm • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 1

The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). La función char_buffer_read en el módulo mod_ssl de Apache 2.x, cuando se usa un proxy inverso con un servidor SSL, permite a atacantes remotos causar una denegación de permiso (fallo de segmentación). • https://www.exploit-db.com/exploits/24590 http://archives.neohapsis.com/archives/bugtraq/2004-09/0096.html http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.novell.com/linux/security/advisories/2004_30_apache2.html http://www.redhat.com/support/errata/RHSA-2004-463.html http://www.trustix.org/errata/2004/0047 https:/ •

CVSS: 5.0EPSS: 12%CPEs: 1EXPL: 0

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop. mod_ssl en Apache 2.0.50 y anteriores permite a atacantes remotos causar un denegación de servicio (consuminción de CPU) abortando un conexión SSL de cierta manera que causa que un proceso hijo de apache entre en un bucle infinito. • http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.novell.com/linux/security/advisories/2004_30_apache2.html http://www.redhat.com/support/errata/RHSA-2004-349.html http://www.trustix.org/errata/2004/0047 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130750 https://exchange.xforce.ibmcloud.com/vulnerabilities/17200 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936a • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.0EPSS: 0%CPEs: 50EXPL: 0

PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. PHP 4.3.4 y anteriores en Apache 1.x y 2.x (mod_php) pude filtrar variables globales entre servidores virtuales con diferente configuración que son manejadas por el mismo proceso hijo de Apache, lo que podría permitir a atacantes remotos obtener información sensible. • http://security.gentoo.org/glsa/glsa-200402-01.xml http://www.osvdb.org/3878 http://www.securityfocus.com/bid/9599 https://exchange.xforce.ibmcloud.com/vulnerabilities/15072 •