CVSS: 8.8EPSS: 96%CPEs: 68EXPL: 6CVE-2019-0211 – Apache HTTP Server Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-0211
03 Apr 2019 — In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. En Apache HTTP Server 2.4, versiones 2.4.17 a 2.4.38, con el evento MPM, worker o prefork, el código ejecutándose en procesos hijo (o hilos) m... • https://packetstorm.news/files/id/152441 • CWE-250: Execution with Unnecessary Privileges CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-17199 – httpd: mod_session_cookie does not respect expiry time
https://notcve.org/view.php?id=CVE-2018-17199
23 Jan 2019 — In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. En Apache HTTP Server 2.4, en sus distribuciones 2.4.37 y anteriores, mod_session comprueba el tiempo de caducidad de la sesión antes de descodificarla. Esto provoca que se ignore el tiempo de caducidad de la sesión para sesiones mod_session_cookie,... • http://www.securityfocus.com/bid/106742 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 5.3EPSS: 0%CPEs: 35EXPL: 0CVE-2018-17189 – httpd: mod_http2: DoS via slow, unneeded request bodies
https://notcve.org/view.php?id=CVE-2018-17189
23 Jan 2019 — In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. En Apache HTTP Server, en sus versiones 2.4.37 y anteriores, mediante el envío de cuerpos de respuesta mediante la técnica del "slow loris" a recursos planos, la transmisión h2 para esa petición ocupó de forma innecesaria un hilo de servidor que... • http://www.securityfocus.com/bid/106685 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2018-11763 – Apache2 mod_http2 header Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-11763
25 Sep 2018 — In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. En Apache HTTP Server, de la versión 2.4.17 a la 2.4.34, mediante el envío continuo de tramas SETTINGS grandes, un cliente puede ocupar una conexión, hilo del servidor y tiempo de CPU sin que se active ningún agotamiento de... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 1%CPEs: 41EXPL: 0CVE-2016-4975 – mod_userdir CRLF injection
https://notcve.org/view.php?id=CVE-2016-4975
14 Aug 2018 — Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31). Posible inyección CRLF que permite ataques de separación de respuesta HTTP para los sitios que emplean mod_userdir. • http://www.securityfocus.com/bid/105093 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 0CVE-2018-1333 – DoS for HTTP/2 connections by crafted requests
https://notcve.org/view.php?id=CVE-2018-1333
18 Jun 2018 — By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33). Al manipular especialmente las peticiones HTTP/2, los trabajadores se asignarían 60 segundos más de los necesarios, lo que conduce a un agotamiento de los trabajadores y a una denegación de servicio (DoS). Esto se ha solucionado en Apache HTTP Server 2.4.34 (2.4.18 - 2.4.30, 2.4.33 afectad... • http://www.securitytracker.com/id/1041402 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 95%CPEs: 11EXPL: 0CVE-2018-1303 – httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS
https://notcve.org/view.php?id=CVE-2018-1303
26 Mar 2018 — A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability. Una cabecera HTTP especialmente manipulada podría haber provocado el cierre inesperado del servidor ... • http://www.openwall.com/lists/oss-security/2018/03/24/3 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 39EXPL: 0CVE-2018-1312 – httpd: Weak Digest auth nonce generation in mod_auth_digest
https://notcve.org/view.php?id=CVE-2018-1312
26 Mar 2018 — In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection. En Apache httpd, en versiones desde la 2.2.0 hasta la 2.4.29, cuando se genera un desafío de autenticación HTTP Digest, el nonce enviado para evitar ataques replay no se... • http://www.openwall.com/lists/oss-security/2018/03/24/7 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2018-1283 – httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications
https://notcve.org/view.php?id=CVE-2018-1283
26 Mar 2018 — In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. En Apache httpd, versiones 2.4.0 hasta la 2.4.29, cuando se configura mod_session... • http://www.openwall.com/lists/oss-security/2018/03/24/4 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 95%CPEs: 16EXPL: 1CVE-2017-15715 – httpd: <FilesMatch> bypass with a trailing newline in the file name
https://notcve.org/view.php?id=CVE-2017-15715
26 Mar 2018 — In Apache httpd 2.4.0 to 2.4.29, the expression specified in