Vulnerabilities > Apache

DATE CVE VULNERABILITY TITLE RISK
2002-03-22 CVE-2000-1210 Directory Traversal vulnerability in Apache Tomcat 1.1.3/3.0/3.1
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a ..
network
low complexity
apache
5.0
2002-03-21 CVE-2002-0061 Unspecified vulnerability in Apache Http Server 1.3.23/2.0.28
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
network
low complexity
apache
7.5
2001-12-31 CVE-2001-1563 Remote Security vulnerability in Tomcat
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources.
network
low complexity
apache hp
7.5
2001-12-31 CVE-2001-1556 Remote Security vulnerability in Apache
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
network
low complexity
apache
5.0
2001-12-31 CVE-2001-1534 Session Fixation vulnerability in Apache Http Server
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
local
low complexity
apache CWE-384
2.1
2001-12-06 CVE-2001-0829 Cross-Site Scripting vulnerability in Apache Tomcat 3.2.1
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
network
high complexity
apache
5.1
2001-11-28 CVE-2001-1449 Remote Security vulnerability in Apache
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
network
low complexity
apache mandrakesoft
7.5
2001-11-22 CVE-2001-0917 Unspecified vulnerability in Apache Tomcat 4.0.1
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
network
low complexity
apache
5.0
2001-10-30 CVE-2001-0730 Unspecified vulnerability in Apache Http Server 1.3.20
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
network
low complexity
apache
5.0
2001-10-30 CVE-2001-0729 Unspecified vulnerability in Apache Http Server 1.3.20
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
network
low complexity
apache
5.0