Vulnerabilities > Apache > Http Server > 1.3.26
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2272 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apache Http Server and Tomcat Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. | 7.8 |
2002-12-31 | CVE-2002-1658 | Buffer Overflow vulnerability in Multiple Apache HTDigest Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. | 4.6 |
2002-11-04 | CVE-2002-1233 | Unspecified vulnerability in Apache Http Server A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131. | 2.6 |