Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.0.28 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1592
The ap_log_rerror function in Apache 2.0 up to and including 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote malicious users to obtain sensitive information.
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
5
CVSSv2
CVE-2002-0240
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote malicious users to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
Apache Http Server 2.0.28
5
CVSSv2
CVE-2002-0249
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote malicious users to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
Apache Http Server 2.0.28
5
CVSSv2
CVE-2002-0654
Apache 2.0 up to and including 2.0.39 on Windows, OS2, and Netware allows remote malicious users to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a...
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
1 EDB exploit
7.5
CVSSv2
CVE-2002-0661
Directory traversal vulnerability in Apache 2.0 up to and including 2.0.39 on Windows, OS2, and Netware allows remote malicious users to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
1 EDB exploit
5
CVSSv2
CVE-2002-1593
mod_dav in Apache prior to 2.0.42 does not properly handle versioning hooks, which may allow remote malicious users to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
5
CVSSv2
CVE-2003-0253
The prefork MPM in Apache 2 prior to 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.43
5
CVSSv2
CVE-2003-0254
Apache 2 prior to 2.0.47, when running on an IPv6 host, allows malicious users to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.43
5
CVSSv2
CVE-2003-0134
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 up to and including 2.0.45, allows unknown malicious users to cause a denial of service via requests related to device names.
Apache Http Server 2.0
Apache Http Server 2.0.9
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.42
6.4
CVSSv2
CVE-2003-0192
Apache 2 prior to 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache ...
Apache Http Server 2.0
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.43
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-55591
CVE-2024-13184
unauthorized
information disclosure
CVE-2024-13385
CVE-2024-43468
denial of service
CVE-2024-57370
CVE-2025-21606
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »