Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2004-0174
Apache 1.4.x prior to 1.3.30, and 2.0.x prior to 2.0.49, when using multiple listening sockets on certain platforms, allows remote malicious users to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."...
Apache Http Server
NA
CVE-2002-0392
Apache 1.3 up to and including 1.3.24, and Apache 2.0 up to and including 2.0.36, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Apache Http Server
Debian Debian Linux 2.2
3 EDB exploits
3 Github repositories
NA
CVE-2006-3918
http_protocol.c in (1) IBM HTTP Server 6.0 prior to 6.0.2.13 and 6.1 prior to 6.1.0.1, and (2) Apache HTTP Server 1.3 prior to 1.3.35, 2.0 prior to 2.0.58, and 2.2 prior to 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error messa...
Apache Http Server
Debian Debian Linux 3.1
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
NA
CVE-2005-2088
The Apache HTTP server prior to 1.3.34, and 2.0.x prior to 2.0.55, when acting as an HTTP proxy, allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chu...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
NA
CVE-2008-0456
CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and previous versions in the 2.2.x series, 2.0.61 and previous versions in the 2.0.x series, and 1.3.39 and previous versions in the 1.3.x series allows remote authenticated users to inject...
Apache Http Server
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
NA
CVE-2012-0256
Apache Traffic Server 2.0.x and 3.0.x prior to 3.0.4 and 3.1.x prior to 3.1.3 does not properly allocate heap memory, which allows remote malicious users to cause a denial of service (daemon crash) via a long HTTP Host header.
Apache Traffic Server 3.1.1
Apache Traffic Server 3.1.0
Apache Traffic Server 2.1.7
Apache Traffic Server 2.1.6
Apache Traffic Server 2.0.1
Apache Traffic Server 2.0.0
Apache Traffic Server 3.0.3
Apache Traffic Server 3.0.2
Apache Traffic Server 2.1.5
Apache Traffic Server 2.1.4
Apache Traffic Server 3.0.1
Apache Traffic Server 3.0.0
Apache Traffic Server 2.1.3
Apache Traffic Server 2.1.2
Apache Traffic Server 3.1.2
Apache Traffic Server 2.1.9
Apache Traffic Server 2.1.8
Apache Traffic Server 2.1.1
Apache Traffic Server 2.1.0
NA
CVE-2008-0455
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and previous versions in the 2.2.x series, 2.0.61 and previous versions in the 2.0.x series, and 1.3.39 and previous versions in the 1.3.x series allows remote authenticated use...
Apache Http Server
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
1 EDB exploit
NA
CVE-2005-2700
ssl_engine_kernel.c in mod_ssl prior to 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote malicious users to bypass intende...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
NA
CVE-2008-0005
mod_proxy_ftp in Apache 2.2.x prior to 2.2.7-dev, 2.0.x prior to 2.0.62-dev, and 1.3.x prior to 1.3.40-dev does not define a charset, which allows remote malicious users to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Apache Http Server
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2012-0053
protocol.c in the Apache HTTP Server 2.2.x up to and including 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote malicious users to obtain the values of HTTPOnly cookies via vectors involving a (...
Apache Http Server
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
Redhat Jboss Enterprise Web Server 1.0.0
1 EDB exploit
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »