Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache http server 2.0.48 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-6675
Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app.
Novell Apache Http Server 2.0.48Novell Netware 6.5
NA
CVE-2004-0113
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 prior to 2.0.49 allows remote malicious users to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.41Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.46Apache Http Server 2.0.43
NA
CVE-2004-0885
The mod_ssl module in Apache 2.0.35 up to and including 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.50Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.52Apache Http Server 2.0.51Apache Http Server 2.0.41Apache Http Server 2.0.49Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.46Apache Http Server 2.0.43
NA
CVE-2004-1834
mod_disk_cache in Apache 2.0 up to and including 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.28Apache Http Server 2.0.41Apache Http Server 2.0.49Apache Http Server 2.0.9Apache Http Server 2.0.32Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.46Apache Http Server 2.0.43Apache Http Server 2.0
NA
CVE-2003-1307
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the...
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.28Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.32Apache Http Server 2.0.44Apache Http Server 2.0.34Apache Http Server 2.0.39Apache Http Server 2.0.46Apache Http Server 2.0.41Apache Http Server 2.0.9Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.43Apache Http Server 2.0
NA
CVE-2005-2728
The byte-range filter in Apache 2.0 prior to 2.0.54 allows remote malicious users to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.50Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.52Apache Http Server 2.0.53Apache Http Server 2.0.51Apache Http Server 2.0.28Apache Http Server 2.0.41Apache Http Server 2.0.49Apache Http Server 2.0.9Apache Http Server 2.0.32Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.46Apache Http Server 2.0.43
NA
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components...
Apache Http Server 2.0.51Apache Http Server 2.0.52Apache Http Server 2.1.2Apache Http Server 2.1.3Apache Http Server 2.2.2Apache Http Server 2.2.3Apache Http Server 2.0.46Apache Http Server 2.0.53Apache Http Server 2.0.54Apache Http Server 2.0.55Apache Http Server 2.1.4Apache Http Server 2.1.5Apache Http Server 2.2.4Apache Http Server 2.0.47Apache Http Server 2.0.48Apache Http Server 2.0.57Apache Http Server 2.0.58Apache Http Server 2.1.6Apache Http Server 2.1.7Apache Http Server 2.0.49Apache Http Server 2.0.50Apache Http Server 2.0.59
NA
CVE-2005-3357
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote malicious users to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer derefere...
Apache Http Server 2.0.42Apache Http Server 2.0.47Apache Http Server 2.0.50Apache Http Server 2.0.35Apache Http Server 2.0.37Apache Http Server 2.0.55Apache Http Server 2.0.44Apache Http Server 2.0.39Apache Http Server 2.0.52Apache Http Server 2.0.53Apache Http Server 2.0.51Apache Http Server 2.0.28Apache Http Server 2.0.41Apache Http Server 2.0.49Apache Http Server 2.0.9Apache Http Server 2.0.32Apache Http Server 2.0.38Apache Http Server 2.0.48Apache Http Server 2.0.45Apache Http Server 2.0.40Apache Http Server 2.0.36Apache Http Server 2.0.46
NA
CVE-2006-4154
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent malicious users to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Apache Http Server 2.0.28Apache Http Server 2.0.32Apache Http Server 2.0.39Apache Http Server 2.0.40Apache Http Server 2.0.48Apache Http Server 2.0.49Apache Http Server 2.0.56Apache Http Server 2.0.57Apache Http Server 2.1.3Apache Http Server 2.1.4Apache Http Server 2.1.5Apache Http Server 2.0.37Apache Http Server 2.0.38Apache Http Server 2.0.46Apache Http Server 2.0.47Apache Http Server 2.0.54Apache Http Server 2.0.55Apache Http Server 2.1.1Apache Http Server 2.1.2Apache Http Server 2.2.3Apache Http Server 2.0Apache Http Server 2.0.35
NA
CVE-2004-0263
PHP 4.3.4 and previous versions in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote malicious users to obtain sensitive information.
Apache Http Server 1.0.3Apache Http Server 1.0.5Apache Http Server 1.3.11Apache Http Server 1.3.12Apache Http Server 1.2Apache Http Server 1.2.5Apache Http Server 1.3.18Apache Http Server 1.3.19Apache Http Server 1.3.20Apache Http Server 1.3.28Apache Http Server 1.3.29Apache Http Server 2.0.28Apache Http Server 2.0.41Apache Http Server 2.0.42Apache Http Server 2.0.9Ibm Http Server 1.3.19Apache Http Server 1.3.24Apache Http Server 1.3.25Apache Http Server 1.3.6Apache Http Server 1.3.7Apache Http Server 2.0.36Apache Http Server 2.0.37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook