apache http server 2.2.11 vulnerabilities and exploits

(subscribe to this query)

NA

The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server...

Apache Http Server 2.2 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.13 Apache Http Server 2.2.2 Apache Http Server 2.2.4 Apache Http Server 2.2.8 Apache Http Server 2.2.14 Apache Http Server 2.2.6 Apache Http Server 2.2.9 Apache Http Server 2.2.12 Apache Http Server 2.2.313 Github repositories available

NA

Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or...

NA

Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...

NA

Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...

9.8

CVSSv3

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port....

Apache Http Server 2.2.23 Apache Http Server 2.4.1 Apache Http Server 2.4.20 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.31 Apache Http Server 2.2.13 Apache Http Server 2.2.2 Apache Http Server 2.4.12 Apache Http Server 2.2.17 Apache Http Server 2.2.16 Apache Http Server 2.2.21 Apache Http Server 2.4.23 Apache Http Server 2.4.10 Apache Http Server 2.2.14 Apache Http Server 2.2.24 Apache Http Server 2.2.25 Apache Http Server 2.2.30 Apache Http Server 2.2.22 Apache Http Server 2.2.19 Apache Http Server 2.2.27 Apache Http Server 2.4.25 Apache Http Server 2.4.18 Apache Http Server 2.2.18 Apache Http Server 2.2.12 Apache Http Server 2.2.32 Apache Http Server 2.2.29 Apache Http Server 2.2.3 Apache Http Server 2.4.2 Apache Http Server 2.2.15 Apache Http Server 2.2.20 Apache Http Server 2.4.17 Apache Http Server 2.4.16 Apache Http Server 2.2.2617 Github repositories available

6.1

CVSSv3

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache...

Apache Http Server 2.2.23 Apache Http Server 2.4.1 Apache Http Server 2.4.20 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.31 Apache Http Server 2.2.10 Apache Http Server 2.4.6 Apache Http Server 2.2.13 Apache Http Server 2.2.2 Apache Http Server 2.4.12 Apache Http Server 2.2.4 Apache Http Server 2.2.17 Apache Http Server 2.2.16 Apache Http Server 2.2.21 Apache Http Server 2.4.3 Apache Http Server 2.4.23 Apache Http Server 2.2.8 Apache Http Server 2.4.4 Apache Http Server 2.4.10 Apache Http Server 2.4.7 Apache Http Server 2.2.14 Apache Http Server 2.2.24 Apache Http Server 2.2.25 Apache Http Server 2.2.6 Apache Http Server 2.2.22 Apache Http Server 2.2.19 Apache Http Server 2.2.27 Apache Http Server 2.2.9 Apache Http Server 2.4.18 Apache Http Server 2.2.18 Apache Http Server 2.2.12 Apache Http Server 2.2.29 Apache Http Server 2.2.3 Apache Http Server 2.4.2 Apache Http Server 2.2.15 Apache Http Server 2.2.20 Apache Http Server 2.4.17 Apache Http Server 2.4.16 Apache Http Server 2.4.9 Apache Http Server 2.2.2619 Github repositories available

NA

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in...

Apache Http Server 2.0.42 Apache Http Server 2.0.64 Apache Http Server 2.0.58 Apache Http Server 2.0.47 Apache Http Server 2.0.56 Apache Http Server 2.0.50 Apache Http Server 2.0.35 Apache Http Server 2.0.37 Apache Http Server 2.0.55 Apache Http Server 2.0.44 Apache Http Server 2.0.39 Apache Http Server 2.0.52 Apache Http Server 2.0.53 Apache Http Server 2.0.57 Apache Http Server 2.0.51 Apache Http Server 2.0.28 Apache Http Server 2.0.63 Apache Http Server 2.0.41 Apache Http Server 2.0.49 Apache Http Server 2.0.9 Apache Http Server 2.0.34 Apache Http Server 2.0.61 Apache Http Server 2.0.32 Apache Http Server 2.0.38 Apache Http Server 2.0.48 Apache Http Server 2.0.45 Apache Http Server 2.0.40 Apache Http Server 2.0.36 Apache Http Server 2.0.46 Apache Http Server 2.0.54 Apache Http Server 2.0.43 Apache Http Server 2.0.59 Apache Http Server 2.0 Apache Http Server 2.0.60 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.10 Apache Http Server 2.2.13 Apache Http Server 2.2.2 Apache Http Server 2.2.4 Apache Http Server 2.2.16 Apache Http Server 2.2.21 Apache Http Server 2.2.8 Apache Http Server 2.2.14 Apache Http Server 2.2.6 Apache Http Server 2.2.19 Apache Http Server 2.2.9 Apache Http Server 2.2.18 Apache Http Server 2.2.12 Apache Http Server 2.2.3 Apache Http Server 2.2.15 Apache Http Server 2.2.20 Apache Http Server 2.2.11 EDB exploit available14 Github repositories available

NA

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory...

Apache Http Server 2.0.55 Apache Http Server 2.0.54 Apache Http Server 2.0.46 Apache Http Server 2.0.49 Apache Http Server 2.0.63 Apache Http Server 2.0.9 Apache Http Server 2.0.35 Apache Http Server 2.0.34 Apache Http Server 2.0.37 Apache Http Server 2.0.57 Apache Http Server 2.0.56 Apache Http Server 2.0.51 Apache Http Server 2.0.48 Apache Http Server 2.0.43 Apache Http Server 2.0.60 Apache Http Server 2.0 Apache Http Server 2.0.36 Apache Http Server 2.0.39 Apache Http Server 2.0.50 Apache Http Server 2.0.53 Apache Http Server 2.0.42 Apache Http Server 2.0.45 Apache Http Server 2.0.28 Apache Http Server 2.0.38 Apache Http Server 2.0.41 Apache Http Server 2.0.61 Apache Http Server 2.0.58 Apache Http Server 2.0.52 Apache Http Server 2.0.47 Apache Http Server 2.0.44 Apache Http Server 2.0.59 Apache Http Server 2.0.32 Apache Http Server 2.0.40 Apache Http Server 2.0.64 Apache Http Server 2.2.1 Apache Http Server 2.2.3 Apache Http Server 2.2.12 Apache Http Server 2.2.19 Apache Http Server 2.2.6 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.16 Apache Http Server 2.2.21 Apache Http Server 2.2.9 Apache Http Server 2.2.10 Apache Http Server 2.2.15 Apache Http Server 2.2.2 Apache Http Server 2.2.20 Apache Http Server 2.2.8 Apache Http Server 2.2.13 Apache Http Server 2.2.4 Apache Http Server 2.2.18 Apache Http Server 2.2.141 EDB exploit available15 Github repositories available

NA

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which...

Apache Http Server 2.0.42 Apache Http Server 2.0.58 Apache Http Server 2.2.11 Apache Http Server 2.2.0 Apache Http Server 2.2.10 Apache Http Server 2.2.13 Apache Http Server 2.0.47 Apache Http Server 2.0.56 Apache Http Server 2.0.50 Apache Http Server 2.0.27 Apache Http Server 2.2.2 Apache Http Server 2.0.12 Apache Http Server 2.0.20 Apache Http Server2.0a9 Apache Http Server 2.2.4 Apache Http Server 2.0.35 Apache Http Server 2.0.37 Apache Http Server 2.0.55 Apache Http Server 2.2.17 Apache Http Server 2.0.44 Apache Http Server 2.2.16 Apache Http Server 2.0.39 Apache Http Server 2.0.18 Apache Http Server 2.0.25 Apache Http Server 2.2.8 Apache Http Server 2.0.52 Apache Http Server2.0a7 Apache Http Server 2.0.21 Apache Http Server 2.0.53 Apache Http Server 2.0.57 Apache Http Server 2.0.51 Apache Http Server 2.0.33 Apache Http Server 2.0.17 Apache Http Server 2.0.63 Apache Http Server 2.2.14 Apache Http Server 2.0.22 Apache Http Server 2.0.15 Apache Http Server 2.0.41 Apache Http Server 2.0.49 Apache Http Server 2.0.29 Apache Http Server 2.0.26 Apache Http Server2.0a8 Apache Http Server 2.0.23 Apache Http Server2.0a2 Apache Http Server 2.0.61 Apache Http Server 2.2.6 Apache Http Server 2.0.32 Apache Http Server 2.0.34 Apache Http Server2.0a5 Apache Http Server2.0a3 Apache Http Server 2.0.38 Apache Http Server 2.0.19 Apache Http Server 2.2.9 Apache Http Server2.0a4 Apache Http Server 2.0.24 Apache Http Server 2.0.48 Apache Http Server 2.0.16 Apache Http Server 2.0.45 Apache Http Server 2.2.12 Apache Http Server 2.0.40 Apache Http Server 2.0.36 Apache Http Server2.0a6 Apache Http Server 2.2.3 Apache Http Server 2.0.46 Apache Http Server 2.0.54 Apache Http Server 2.2.15 Apache Http Server 2.0.43 Apache Http Server 2.0.11 Apache Http Server 2.0.59 Apache Http Server 2.0.14 Apache Http Server 2.0.28 Apache Http Server 2.0.31 Apache Http Server2.0a1 Apache Http Server 2.0.30 Apache Http Server 2.2.1 Apache Http Server 2.0.131 EDB exploit available14 Github repositories available

NA

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a...

Apache Http Server 2.2 Apache Http Server 2.2.0 Apache Http Server 2.2.10 Apache Http Server 2.2.2 Apache Http Server 2.2.4 Apache Http Server Apache Http Server 2.2.8 Apache Http Server 2.2.7 Apache Http Server 2.2.6 Apache Http Server 2.2.9 Apache Http Server 2.2.3 Apache Http Server 2.2.1 Apache Http Server -13 Github repositories available

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook