Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache-ssl apache-ssl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-0555
The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote malicious users to bypass authentication via a crafted DN...
Apache-ssl Apache-ssl 1.3.34 1.57
4.3
CVSSv2
CVE-2005-2088
The Apache HTTP server prior to 1.3.34, and 2.0.x prior to 2.0.55, when acting as an HTTP proxy, allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chu...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2004-0009
Apache-SSL 1.3.28+1.52 and previous versions, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote malicious users to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
Apache-ssl Apache-ssl
5
CVSSv2
CVE-2003-0543
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote malicious users to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
1 EDB exploit
5
CVSSv2
CVE-2003-0544
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote malicious users to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used...
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
2.6
CVSSv2
CVE-2002-1233
A regression error in the Debian distributions of the apache-ssl package (prior to 1.3.9 on Debian 2.2, and prior to 1.3.26 on Debian 3.0), for Apache 1.3.27 and previous versions, allows local users to read or modify the Apache password file via a symlink attack on temporary fil...
Apache Http Server 1.3.20
Apache Http Server 1.3.25
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.26
Apache Http Server 1.3.18
Apache Http Server 1.3.23
Apache Http Server 1.3.27
7.2
CVSSv2
CVE-2002-0839
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x prior to 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allow...
Apache Http Server
Debian Debian Linux 2.2
Debian Debian Linux 3.0
6.8
CVSSv2
CVE-2002-0840
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 prior to 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote malicious users to execute script as other web page visitors v...
Apache Http Server 2.0.42
Oracle Application Server 9.0.2.1
Apache Http Server 1.3.23
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle8i 8.1.7 .0.0 Enterprise
Oracle Database Server 8.1.7
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Oracle Oracle9i 9.0
Apache Http Server 1.3.19
Oracle Database Server 9.2.1
Apache Http Server 2.0.39
Apache Http Server 1.3.24
Oracle Application Server 9.0.2
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Apache Http Server 2.0.41
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
1 EDB exploit
7.5
CVSSv2
CVE-2002-0843
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache prior to 1.3.27, and Apache 2.x prior to 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
Oracle Application Server 9.0.2.1
Apache Http Server 1.3.23
Oracle Oracle8i 8.1.7.0.0 Enterprise
Oracle Database Server 8.1.7
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Oracle Application Server 9.0.2
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Oracle Application Server 1.0.2.1s
Apache Http Server 1.3
Apache Http Server 1.3.12
Apache Http Server 1.3.3
Apache Http Server 1.3.17
Apache Http Server 1.3.26
Apache Http Server 1.3.9
7.5
CVSSv2
CVE-2002-0392
Apache 1.3 up to and including 1.3.24, and Apache 2.0 up to and including 2.0.36, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Apache Http Server
Debian Debian Linux 2.2
3 EDB exploits
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »