CVE-1999-1053 – The Matt Wright Guestbook.pl - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-1999-1053
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->". • https://www.exploit-db.com/exploits/16914 https://www.exploit-db.com/exploits/9907 https://github.com/siunam321/CVE-1999-1053-PoC http://www.securityfocus.com/archive/1/33674 http://www.securityfocus.com/archive/82/27296 http://www.securityfocus.com/archive/82/27560 http://www.securityfocus.com/bid/776 •
CVE-1999-0926 – Apache 1.2.5/1.3.1 / UnityMail 2.0 - MIME Header Denial of Service
https://notcve.org/view.php?id=CVE-1999-0926
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. • https://www.exploit-db.com/exploits/20272 http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html •
CVE-2000-1206
https://notcve.org/view.php?id=CVE-2000-1206
Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. • http://www.apacheweek.com/issues/00-01-07#status https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/ •
CVE-1999-1199
https://notcve.org/view.php?id=CVE-1999-1199
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. • http://marc.info/?l=bugtraq&m=90252779826784&w=2 http://marc.info/?l=bugtraq&m=90276683825862&w=2 http://marc.info/?l=bugtraq&m=90280517007869&w=2 http://marc.info/?l=bugtraq&m=90286768232093&w=2 http://www.redhat.com/support/errata/rh51-errata-general.html#apache https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E •
CVE-1999-0107 – Apache 1.2 - Denial of Service
https://notcve.org/view.php?id=CVE-1999-0107
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. • https://www.exploit-db.com/exploits/20558 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107 •