Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 1.3.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2009-2699
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library prior to 1.3.9, as used in the Apache HTTP Server prior to 2.2.14 and other products, does not properly handle errors, which allows remote malicious users to cau...
Apache Http Server
Apache Portable Runtime
NA
CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote malicious users to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions prior to 2.2.15.
Apache Http Server 1.3.18
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.2
Apache Http Server 1.3.16
Apache Http Server 1.3.15
Apache Http Server 1.0.2
Apache Http Server 1.3.34
Apache Http Server 1.3.36
Apache Http Server 1.3.0
Apache Http Server 1.3.38
Apache Http Server 1.3.42
Apache Http Server 1.3.2
Apache Http Server 1.0
Apache Http Server 1.1
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.30
Apache Http Server 1.3.31
Apache Http Server 1.3.5
Apache Http Server 1.4.0
1 Nmap script
17 Github repositories
NA
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
NA
CVE-2011-3368
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse pro...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
2 Nmap scripts
2 Github repositories
NA
CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) prior to 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote malicious users to cause a d...
Apache Apr-util 1.3.6
Apache Apr-util 1.2.13
Apache Apr-util 1.3.3
Apache Apr-util 0.9.11
Apache Apr-util 0.9.9
Apache Apr-util 1.2.7
Apache Apr-util 0.9.13
Apache Apr-util 1.2.8
Apache Apr-util 1.2.2
Apache Apr-util 1.3.0
Apache Apr-util 1.3.4
Apache Apr-util 0.9.4
Apache Apr-util 1.0.2
Apache Apr-util 0.9.14
Apache Apr-util 1.0
Apache Apr-util 1.2.1
Apache Apr-util 0.9.3
Apache Apr-util
Apache Apr-util 1.1.0
Apache Apr-util 0.9.12
Apache Apr-util 0.9.1
Apache Apr-util 0.9.7
NA
CVE-2004-0263
PHP 4.3.4 and previous versions in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote malicious users to obtain sensitive information.
Apache Http Server 1.0.3
Apache Http Server 1.0.5
Apache Http Server 1.3.11
Apache Http Server 1.3.12
Apache Http Server 1.2
Apache Http Server 1.2.5
Apache Http Server 1.3.18
Apache Http Server 1.3.19
Apache Http Server 1.3.20
Apache Http Server 1.3.28
Apache Http Server 1.3.29
Apache Http Server 2.0.28
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.9
Ibm Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.25
Apache Http Server 1.3.6
Apache Http Server 1.3.7
Apache Http Server 2.0.36
Apache Http Server 2.0.37
NA
CVE-2003-0993
mod_access in Apache 1.3 prior to 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote malicious users to bypass intended access restrictions.
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.20
Apache Http Server 1.3.7
Apache Http Server 1.3.6
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Apache Http Server 1.3
Apache Http Server 1.3.12
Apache Http Server 1.3.3
Apache Http Server 1.3.17
Apache Http Server 1.3.26
Apache Http Server 1.3.9
Apache Http Server 1.3.14
Apache Http Server 1.3.29
Apache Http Server 1.3.22
Apache Http Server 1.3.11
NA
CVE-2004-1082
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote malicious users to replay credentials.
Apache Http Server 1.3.12
Apache Http Server 1.3.14
Apache Http Server 1.3.24
Apache Http Server 1.3.25
Apache Http Server 1.3.6
Apache Http Server 1.3.7
Apache Http Server 1.3.9
Hp Virtualvault 4.5
Hp Virtualvault 4.6
Apache Http Server 1.3
Apache Http Server 1.3.19
Apache Http Server 1.3.20
Apache Http Server 1.3.28
Apache Http Server 1.3.29
Avaya Communication Manager 1.3.1
Avaya Communication Manager 2.0
Hp Webproxy A.02.10
Ibm Http Server 1.3.19
Apache Http Server 1.3.17
Apache Http Server 1.3.18
Apache Http Server 1.3.26
Apache Http Server 1.3.27
NA
CVE-2003-0542
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache prior to 1.3.29 allow malicious users to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Apache Http Server 2.0.42
Apache Http Server 1.3.23
Apache Http Server 2.0.47
Apache Http Server 1.3.27
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 2.0.39
Apache Http Server 1.3.24
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Apache Http Server 2.0.41
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 1.3
Apache Http Server 1.3.12
NA
CVE-2002-1658
Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow malicious users to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation ...
Apache Http Server 1.3.17
Apache Http Server 1.3.18
Apache Http Server 1.3.26
Apache Http Server 1.3.27
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.3.6
Apache Http Server 1.3.9
Apache Http Server 1.3.12
Apache Http Server 1.3.14
Apache Http Server 1.3.24
Apache Http Server 1.3.25
Apache Http Server 1.3.19
Apache Http Server 1.3.20
Apache Http Server 1.3.3
Apache Http Server 1.3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »