| 2001-08-02 | CVE-2001-0590 | Unspecified vulnerability in Apache Tomcat
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. | 5.0 |
| 2001-02-16 | CVE-2001-0042 | Unspecified vulnerability in Apache Http Server 1.3
PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. | 5.0 |
| 2000-11-14 | CVE-2000-0869 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | 5.0 |
| 2000-11-14 | CVE-2000-0868 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | 5.0 |
| 2000-07-20 | CVE-2000-0672 | Unspecified vulnerability in Apache Tomcat 3.0/3.1
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. | 5.0 |
| 1999-12-12 | CVE-1999-0289 | Unspecified vulnerability in Apache Http Server
The Apache web server for Win32 may provide access to restricted files when a . | 5.0 |
| 1999-06-03 | CVE-1999-1412 | A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | 5.0 |
| 1999-01-17 | CVE-1999-0678 | A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. | 5.0 |
| 1997-12-30 | CVE-1999-0107 | Unspecified vulnerability in Apache Http Server
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. | 5.0 |
| 1997-01-01 | CVE-1999-0236 | Information Exposure vulnerability in multiple products
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | 5.0 |