CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1082
https://notcve.org/view.php?id=CVE-2004-1082
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/9571 http://www.securitytracker.com/alerts/2004/Dec/1012414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18347 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2003-1418
https://notcve.org/view.php?id=CVE-2003-1418
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). • http://www.openbsd.org/errata32.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/6939 http://www.securityfocus.com/bid/6943 https://exchange.xforce.ibmcloud.com/vulnerabilities/11438 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 6CVE-2003-1307 – Apache 2.0.4x mod_php - File Descriptor Leakage
https://notcve.org/view.php?id=CVE-2003-1307
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP. • https://www.exploit-db.com/exploits/23481 https://www.exploit-db.com/exploits/23482 http://bugs.php.net/38915 http://hackerdom.ru/~dimmo/phpexpl.c http://www.securityfocus.com/archive/1/348368 http://www.securityfocus.com/archive/1/449234/100/0/threaded http://www.securityfocus.com/archive/1/449298/100/0/threaded http://www.securityfocus.com/bid/9302 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0789
https://notcve.org/view.php?id=CVE-2003-0789
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. mod_cgid en Apache anteriores a 2.0.48, cuando usan una MPM multihilo, no maneja adecuadamente redirecciones de ruta de CGI, lo que podría causar que Apache enviar la salida de un programa CGI a un cliente equivocado. • http://apache.secsup.org/dist/httpd/Announcement2.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000775 http://docs.info.apple.com/article.html?artnum=61798 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http://marc.info/?l=bugtraq&m=106761802305141&w=2 http://security.gentoo.org/glsa/glsa-200310-04.xml http://www.ciac.org/ciac/bulletins/o-015.shtml http://www.mandrakese •
CVSS: 7.2EPSS: 0%CPEs: 36EXPL: 0CVE-2003-0542
https://notcve.org/view.php?id=CVE-2003-0542
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. Múltiples desbordamientos de búfer en mod_alias y mod_rewrite de Apache anteriores a 1.3.29, con consecuencias y métodos de ataque desconocidos, relacionados con una expresión regular con más de 9 capturas. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://docs.info.apple.com/article.html?artnum=61798 http://httpd.apache.org/dist/httpd/Announcement2.html http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http://marc.info/? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •