Page 44 of 227 results (0.013 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. • http://marc.info/?l=bugtraq&m=88413292830649&w=2 http://www.apache.org/info/security_bulletin_1.2.5.html •

CVSS: 7.5EPSS: 94%CPEs: 2EXPL: 5

guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->". • https://www.exploit-db.com/exploits/16914 https://www.exploit-db.com/exploits/9907 https://github.com/siunam321/CVE-1999-1053-PoC http://www.securityfocus.com/archive/1/33674 http://www.securityfocus.com/archive/82/27296 http://www.securityfocus.com/archive/82/27560 http://www.securityfocus.com/bid/776 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2

Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. • https://www.exploit-db.com/exploits/20272 http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. • http://www.apacheweek.com/issues/00-01-07#status https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/ •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. • http://marc.info/?l=bugtraq&m=90252779826784&w=2 http://marc.info/?l=bugtraq&m=90276683825862&w=2 http://marc.info/?l=bugtraq&m=90280517007869&w=2 http://marc.info/?l=bugtraq&m=90286768232093&w=2 http://www.redhat.com/support/errata/rh51-errata-general.html#apache https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E •