CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2004-1811
https://notcve.org/view.php?id=CVE-2004-1811
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates. • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html http://marc.info/?l=bugtraq&m=107936784030214&w=2 http://secunia.com/advisories/11126 http://www.ciac.org/ciac/bulletins/o-100.shtml http://www.immunitysec.com/downloads/hp_http.sxw.pdf http://www.securityfocus.com/advisories/6448 http://www.securityfocus.com/bid/9859 http://www.tru64.org/stories.php?story=04/03/12/0204078 https://exchange.xforce.ibmcloud.com/vulnerabilities/15466 •
CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 1CVE-2004-0809
https://notcve.org/view.php?id=CVE-2004-0809
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. • http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33 http://www.debian.org/security/2004/dsa-558 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://www.redhat.com/support/errata/RHSA-2004-463.html http://www.trustix.org/errata/2004/0047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17366 https://lists.apache.org/thread.html/54a42d4b01968df11 •