Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache http server 1.3.18 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2001-1342
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer....
Apache Http Server 1.3.16Apache Http Server 1.3.15Apache Http Server 1.3.14Apache Http Server 1.3.18Apache Http Server 1.3.17Apache Http Server 1.3.12Apache Http Server 1.3.19
NA
CVE-2002-2029
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string....
Apache Http Server 1.3.16Apache Http Server 1.3.17Apache Http Server 1.3.18Apache Http Server 1.3.19Apache Http Server 1.3.11Apache Http Server 1.3.13Apache Http Server 1.3.15Apache Http Server 1.3.20Apache Http Server 1.3.12Apache Http Server 1.3.14
NA
CVE-2002-1233
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the...
Apache Http Server 1.3.20Apache Http Server 1.3.25Apache Http Server 1.3.19Apache Http Server 1.3.24Apache Http Server 1.3.17Apache Http Server 1.3.22Apache Http Server 1.3.26Apache Http Server 1.3.18Apache Http Server 1.3.23Apache Http Server 1.3.27
NA
CVE-2002-0257
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3,...
Apache Http Server 1.3.22Usanet Creations Makebid Auction Deluxe 3.30Apache Http Server 1.3.19Apache Http Server 1.3.20Apache Http Server 1.3.17Apache Http Server 1.3.18
NA
CVE-2002-2103
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities....
Apache Http Server 1.3.14Apache Http Server 1.3.16Apache Http Server 1.3.18Apache Http Server 1.3.9Apache Http Server 1.3.19Apache Http Server 1.3.20Apache Http Server 1.3.22Apache Http Server 1.3.23Apache Http Server 1.3.11Apache Http Server 1.3.12Apache Http Server 1.3.13Apache Http Server 1.3.15Apache Http Server 1.3.17
NA
CVE-2002-1658
Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of...
Apache Http Server 1.3.17Apache Http Server 1.3.18Apache Http Server 1.3.26Apache Http Server 1.3.27Apache Http Server 1.3.1Apache Http Server 1.3.11Apache Http Server 1.3.22Apache Http Server 1.3.23Apache Http Server 1.3.6Apache Http Server 1.3.9Apache Http Server 1.3.12Apache Http Server 1.3.14Apache Http Server 1.3.24Apache Http Server 1.3.25Apache Http Server 1.3.19Apache Http Server 1.3.20Apache Http Server 1.3.3Apache Http Server 1.3.4
NA
CVE-2003-0993
mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions....
Apache Http Server 1.3.23Apache Http Server 1.3.27Apache Http Server 1.3.1Apache Http Server 1.3.25Apache Http Server 1.3.28Apache Http Server 1.3.19Apache Http Server 1.3.24Apache Http Server 1.3.20Apache Http Server 1.3.7Apache Http Server 1.3.6Apache Http Server 1.3.4Apache Http Server 1.3.18Apache Http Server 1.3Apache Http Server 1.3.12Apache Http Server 1.3.3Apache Http Server 1.3.17Apache Http Server 1.3.26Apache Http Server 1.3.9Apache Http Server 1.3.14Apache Http Server 1.3.29Apache Http Server 1.3.22Apache Http Server 1.3.11
NA
CVE-2001-1449
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories....
Apache Http Server 1.3.1Apache Http Server 1.3.11Apache Http Server 1.3.6Apache Http Server 1.3.9Apache Http Server 1.3.12Apache Http Server 1.3.14Mandrakesoft Mandrake Single Network Firewall 7.2Apache Http Server 1.3.17Apache Http Server 1.3.18Apache Http Server 1.3Apache Http Server 1.3.3Apache Http Server 1.3.4Mandrakesoft Mandrake Linux 7.1Mandrakesoft Mandrake Linux 7.3Mandrakesoft Mandrake Linux 8.0Mandrakesoft Mandrake Linux Corporate Server 1.0.1
NA
CVE-2002-2272
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values....
Apache Http Server 1.3.11Apache Http Server 1.3.12Apache Http Server 1.3.13Apache Http Server 1.3.14Apache Http Server 1.3.20Apache Http Server 1.3.22Apache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.1.12Apache Tomcat 4.1.2Apache Http Server 1.3Apache Http Server 1.3.0Apache Http Server 1.3.15Apache Http Server 1.3.16Apache Http Server 1.3.23Apache Http Server 1.3.24Apache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 4.1.3Apache Http Server 1.3.19Apache Http Server 1.3.2Apache Tomcat 4.0.0Apache Tomcat 4.0.1Apache Tomcat 4.1.1Apache Tomcat 4.1.10Apache Http Server 1.3.1Apache Http Server 1.3.10Apache Http Server 1.3.17Apache Http Server 1.3.18Apache Http Server 1.3.25Apache Http Server 1.3.26Apache Http Server 1.3.27Apache Tomcat 4.0.6Apache Tomcat 4.1.0Apache Tomcat 4.1.9
NA
CVE-2010-0010
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size...
Apache Http Server 1.3.38Apache Http Server 1.3.23Apache Http Server 1.3.27Apache Http Server 1.3.10Apache Http Server 1.0.5Apache Http Server 0.8.11Apache Http Server 1.3.33Apache Http Server 1.3.36Apache Http Server 1.3.1Apache Http Server 1.3.25Apache Http Server 1.3.28Apache Http Server 1.3.19Apache Http Server 1.3.40Apache Http Server 1.3.31Apache Http Server 1.3.24Apache Http Server 1.3.20Apache Http Server 1.3.35Apache Http Server 1.1Apache Http Server 1.3.2Apache Http Server 1.3.34Apache Http Server 1.3.4Apache Http Server 1.2.5Apache Http Server 1.3.13Apache Http Server 1.0Apache Http Server 1.2.4Apache Http Server 1.3.39Apache Http Server 1.3.30Apache Http Server 1.3.18Apache Http Server 1.0.3Apache Http Server 1.3.0Apache Http Server 1.3Apache Http Server 1.3.12Apache Http Server 1.3.3Apache Http Server 1.3.17Apache Http Server 0.8.14Apache Http Server 1.3.26Apache Http ServerApache Http Server 1.3.32Apache Http Server 1.3.15Apache Http Server 1.3.14Apache Http Server 1.3.29Apache Http Server 1.3.22Apache Http Server 1.3.37Apache Http Server 1.3.11Apache Http Server 1.2.6Apache Http Server 1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-4518malicious code‎validationCVE-2023-42916template injectionCVE-2023-41266CVE-2023-43089CVE-2023-5995CVE-2023-21746
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook