apache http server 2.0.49 vulnerabilities and exploits

(subscribe to this query)

NA

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client...

NA

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference....

NA

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c....

Apache Http Server 2.0.28 Apache Http Server 2.0.32 Apache Http Server 2.0.39 Apache Http Server 2.0.40 Apache Http Server 2.0.48 Apache Http Server 2.0.49 Apache Http Server 2.0.56 Apache Http Server 2.0.57 Apache Http Server 2.1.3 Apache Http Server 2.1.4 Apache Http Server 2.1.5 Apache Http Server 2.0.37 Apache Http Server 2.0.38 Apache Http Server 2.0.46 Apache Http Server 2.0.47 Apache Http Server 2.0.54 Apache Http Server 2.0.55 Apache Http Server 2.1.1 Apache Http Server 2.1.2 Apache Http Server 2.2.3 Apache Http Server 2.0 Apache Http Server 2.0.35 Apache Http Server 2.0.36 Apache Http Server 2.0.44 Apache Http Server 2.0.45 Apache Http Server 2.0.52 Apache Http Server 2.0.53 Apache Http Server 2.0.9 Apache Http Server 2.1 Apache Http Server 2.2.1 Apache Http Server 2.2.2 Apache Http Server 2.0.34 Apache Http Server 2.0.41 Apache Http Server 2.0.42 Apache Http Server 2.0.43 Apache Http Server 2.0.50 Apache Http Server 2.0.51 Apache Http Server 2.0.58 Apache Http Server 2.1.6 Apache Http Server 2.2

NA

Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page....

Apache Http Server 2.0.28 Apache Http Server 2.0 Apache Http Server 2.0.37 Apache Http Server 2.0.32 Apache Http Server 2.0.39 Apache Http Server 2.0.40 Apache Http Server 2.0.41 Apache Http Server 2.0.48 Apache Http Server 2.0.49 Apache Http Server 2.0.56 Apache Http Server 2.0.57 Apache Http Server 2.1.2 Apache Http Server 2.1.3 Apache Http Server 2.2.1 Apache Http Server 2.2.2 Apache Http Server 2.0.34 Apache Http Server 2.0.42 Apache Http Server 2.0.43 Apache Http Server 2.0.50 Apache Http Server 2.0.51 Apache Http Server 2.0.58 Apache Http Server 2.0.59 Apache Http Server 2.1.4 Apache Http Server 2.1.5 Apache Http Server 2.2.3 Apache Http Server 2.2.4 Apache Http Server 2.0.35 Apache Http Server 2.0.36 Apache Http Server 2.0.44 Apache Http Server 2.0.45 Apache Http Server 2.0.52 Apache Http Server 2.0.53 Apache Http Server 2.0.60 Apache Http Server 2.0.61 Apache Http Server 2.1.6 Apache Http Server 2.1.7 Apache Http Server -Apache Http Server 2.0.38 Apache Http Server 2.0.46 Apache Http Server 2.0.47 Apache Http Server 2.0.54 Apache Http Server 2.0.55 Apache Http Server 2.0.9 Apache Http Server 2.1 Apache Http Server 2.1.1 Apache Http Server 2.1.8 Apache Http Server 2.21 EDB exploit available1 Github repository available

NA

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it...

Apache Http Server 2.0.28 Apache Http Server 2.0.38 Apache Http Server 2.0.39 Apache Http Server 2.0.46 Apache Http Server 2.0.47 Apache Http Server 2.0.55 Apache Http Server 2.0.56 Apache Http Server 2.1 Apache Http Server 2.1.1 Apache Http Server 2.1.8 Apache Http Server 2.2 Apache Http Server 2.2.1 Apache Http Server 2.0 Apache Http Server 2.0.36 Apache Http Server 2.0.37 Apache Http Server 2.0.44 Apache Http Server 2.0.45 Apache Http Server 2.0.53 Apache Http Server 2.0.54 Apache Http Server 2.0.61 Apache Http Server 2.0.9 Apache Http Server 2.1.6 Apache Http Server 2.1.7 Apache Http Server 2.0.32 Apache Http Server 2.0.40 Apache Http Server 2.0.41 Apache Http Server 2.0.48 Apache Http Server 2.0.49 Apache Http Server 2.0.50 Apache Http Server 2.0.57 Apache Http Server 2.0.58 Apache Http Server 2.1.2 Apache Http Server 2.1.3 Apache Http Server 2.2.2 Apache Http Server 2.2.3 Apache Http Server 2.0.34 Apache Http Server 2.0.35 Apache Http Server 2.0.42 Apache Http Server 2.0.43 Apache Http Server 2.0.51 Apache Http Server 2.0.52 Apache Http Server 2.0.59 Apache Http Server 2.0.60 Apache Http Server 2.1.4 Apache Http Server 2.1.5 Apache Http Server 2.2.4 Apache Http Server -1 Github repository available

NA

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of...

Avaya Converged Communications Server 2.0 Gentoo Linux 1.4 Trustix Secure Linux 2.1 Trustix Secure Linux 1.5 Trustix Secure Linux 2.0 Apache Http Server 2.0.49 Ibm Http Server 2.0.42 Avaya S8700 R2.0.0 Ibm Http Server 2.0.47 Ibm Http Server 2.0.47.1 Ibm Http Server 2.0.42.1 Ibm Http Server 2.0.42.2 Apache Http Server 2.0.47 Apache Http Server 2.0.48 Avaya S8300 R2.0.0 Avaya S8500 R2.0.02 EDB exploits available

NA

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in...

Apache Http Server 2.0.61 Apache Http Server 2.0.58 Apache Http Server 2.0.53 Apache Http Server 2.0.52 Apache Http Server 2.0.44 Apache Http Server 2.0.59 Apache Http Server 2.0.32 Apache Http Server 2.0.41 Apache Http Server 2.0.40 Apache Http Server 2.0.55 Apache Http Server 2.0.54 Apache Http Server 2.0.47 Apache Http Server 2.0.46 Apache Http Server 2.0.63 Apache Http Server 2.0.9 Apache Http Server 2.0.35 Apache Http Server 2.0.34 Apache Http Server 2.0.64 Apache Http Server 2.0.51 Apache Http Server 2.0.50 Apache Http Server 2.0.43 Apache Http Server 2.0.42 Apache Http Server 2.0.45 Apache Http Server 2.0.28 Apache Http Server 2.0.39 Apache Http Server 2.0.38 Apache Http Server 2.0.57 Apache Http Server 2.0.56 Apache Http Server 2.0.49 Apache Http Server 2.0.48 Apache Http Server 2.0.60 Apache Http Server 2.0 Apache Http Server 2.0.37 Apache Http Server 2.0.36 Apache Http Server 2.2.8 Apache Http Server 2.2.13 Apache Http Server 2.2.4 Apache Http Server 2.2.18 Apache Http Server 2.2.3 Apache Http Server 2.2.12 Apache Http Server 2.2.14 Apache Http Server 2.2.19 Apache Http Server 2.2.9 Apache Http Server 2.2.10 Apache Http Server 2.2.15 Apache Http Server 2.2.2 Apache Http Server 2.2.1 Apache Http Server 2.2.6 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.16 Apache Http Server 2.2.20 Apache Http Server 2.2.211 EDB exploit available10 Github repositories available

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook