CVSS: 8.1EPSS: 20%CPEs: 52EXPL: 0CVE-2016-5387 – HTTPD: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-5387
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability. El Apache HTTP Server hasta la versión 2.4.23 sigue a RFC 3875 sección 4.1.18 y por lo tanto no protege aplicaciones de la presencia de datos de clientes no confiables en ambiente variable de HTTP_PROXY, lo que puede permitir a atacantes remotos redireccionar el tráfico HTTP saliente de aplicación a un servidor proxy arbitrario a través de una cabecera Proxy manipulada en una petición HTTP, también conocido como problema "httpoxy". NOTA: el vendedor afirma "Se ha asignado a esta mitigación el identificador CVE-2016-5387"; en otras palabras, esto no es un CVE ID para una vulnerabilidad. It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. • http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html http://rhn.redhat.com/errata/RHSA-2016-1624.html http://rhn.redhat.com/errata/RHSA-2016-1625.html http://rhn.redhat.com/errata/RHSA-2016-1648.html http://rhn.redhat.com/errata/RHSA-2016-1649.html http://rhn.redhat.com/errata/RHSA-2016-1650.html http://www.debian.org/security/2016/dsa-3623 http://www.kb.cert.org/vuls/id/797896 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 4%CPEs: 8EXPL: 0CVE-2015-0228 – httpd: Possible mod_lua crash due to websocket bug
https://notcve.org/view.php?id=CVE-2015-0228
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. La función lua_websocket_read en lua_request.c en el módulo mod_lua en Apache HTTP Server hasta 2.4.12 permite a atacantes remotos causar una denegación de servicio (caída del proceso hijo) mediante el envío de un Frame WebSocket Ping manipulado después de que una secuencia de comandos Lua haya llamado a la función wsupgrade. A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash. • http://advisories.mageia.org/MGASA-2015-0099.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html http://rhn.redhat.com/errata/RHSA-2015-1666.html http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork&#x • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2013-4365
https://notcve.org/view.php?id=CVE-2013-4365
Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors. Vulnerabilidad de desbordamiento de buffer (heap) en la función fcgid_header_bucket_read de fcgd_bucket.c en el modulo mod_fcgid anterior a 2.3.9 para Apache HTTP Server permite a atacantes remotos tener unimpacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00011.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00055.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00059.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00024.html http://secunia.com/advisories/55197 http://svn.apache.org/viewvc?view=revision&revision=1527362 http://www.debian.org/security/2013/dsa-2778 http://www.mail-archive.com/dev%40httpd.apache.org/msg58077.html http://www. • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 2%CPEs: 117EXPL: 0CVE-2007-6750
https://notcve.org/view.php?id=CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. El servidor HTTP Apache 1.x y 2.x permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición HTTP parcial, tal como se ha demostrado por Slowloris, relacionado con la falta del módulo mod_reqtimeout en versiones anteriores a 2.2.15. • http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html http://ha.ckers.org/slowloris http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html http://marc.info/?l=bugtraq&m=136612293908376&w=2 http://www.securityfocus.com/bid/21865 http://www.securitytracker.com/id/1038144 https://exchange.xforce.ibmcloud.com/vulnerabilities/72345 https://h20566.www2.hpe.com/portal/site/hpsc/public/ • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2011-1360
https://notcve.org/view.php?id=CVE-2011-1360
Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unspecified documentation files in (1) manual/ibm/ and (2) htdocs/*/manual/ibm/. vulnerabilidad múltiple en cross-site scripting (XSS) en IBM HTTP Server v2.0.47 y anteriores, se utiliza en WebSphere Application Server y otros productos, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados que involucran archivos de documentación en (1) manual/ibm/ y (2) htdocs/*/manual/ibm/. • http://www-01.ibm.com/support/docview.wss?uid=swg21502580 http://www.ibm.com/support/docview.wss?uid=swg1PM41293 http://www.securityfocus.com/bid/50447 https://exchange.xforce.ibmcloud.com/vulnerabilities/69656 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •