CVSS: 7.5EPSS: 8%CPEs: 12EXPL: 0CVE-2010-2068 – (mod_proxy): Sensitive response disclosure due improper handling of timeouts
https://notcve.org/view.php?id=CVE-2010-2068
18 Jun 2010 — mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. mod_proxy_http.c en mod_proxy_http en el servidor Apache HTTP v2.2.9 hasta v2.2.15, v2.3.4-alpha, y 2.3.5-alpha en ... • http://httpd.apache.org/security/vulnerabilities_22.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6675
https://notcve.org/view.php?id=CVE-2006-6675
21 Dec 2006 — Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. Vulnerabilidad de XSS en Novell NetWare 6.5 Support Pack 5 y 6 y Novell Apache en NetWare 2.0.48 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados en la aplicación web Welcome. • http://secunia.com/advisories/23406 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-1999-0929
https://notcve.org/view.php?id=CVE-1999-0929
16 Jun 1999 — Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0929 •