Vulnerabilities > Apache > Http Server > 0.8.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-09 | CVE-2016-8612 | Improper Input Validation vulnerability in multiple products Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. | 4.3 |
2017-09-18 | CVE-2017-9798 | Use After Free vulnerability in multiple products Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. | 7.5 |
2017-07-13 | CVE-2017-9788 | Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. | 9.1 |
2011-12-27 | CVE-2007-6750 | Resource Management Errors vulnerability in Apache Http Server The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. | 5.0 |
2004-05-04 | CVE-2004-0174 | Improper Locking vulnerability in Apache Http Server Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." | 7.5 |
2004-04-15 | CVE-2004-0173 | Directory Traversal vulnerability in Apache Cygwin Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences. | 5.0 |
1999-12-31 | CVE-1999-1293 | Unspecified vulnerability in Apache Http Server mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | 10.0 |
1997-12-30 | CVE-1999-0107 | Unspecified vulnerability in Apache Http Server Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. | 5.0 |
1996-12-10 | CVE-1999-0045 | List of arbitrary files on Web host via nph-test-cgi script. | 7.5 |