| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-1862 |
310 |
|
Exec Code |
2013-06-10 |
2013-06-11 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. |
|
2 |
CVE-2012-4557 |
399 |
|
DoS |
2012-11-30 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request. |
|
3 |
CVE-2012-1181 |
119 |
|
DoS Overflow |
2012-03-19 |
2012-09-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit. |
|
4 |
CVE-2011-3368 |
20 |
1
|
|
2011-10-05 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. |
|
5 |
CVE-2011-1752 |
|
|
DoS |
2011-06-06 |
2012-02-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. |
|
6 |
CVE-2010-2791 |
200 |
|
+Info |
2010-08-05 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions. |
|
7 |
CVE-2010-2068 |
200 |
|
+Info |
2010-06-18 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. |
|
8 |
CVE-2010-1452 |
|
|
DoS |
2010-07-28 |
2012-01-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. |
|
9 |
CVE-2010-0408 |
|
|
DoS |
2010-03-05 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code. |
|
10 |
CVE-2009-3555 |
310 |
|
|
2009-11-09 |
2012-10-22 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. |
|
11 |
CVE-2009-2699 |
|
|
DoS |
2009-10-13 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs. |
|
12 |
CVE-2008-2364 |
399 |
|
DoS |
2008-06-13 |
2011-07-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. |
|
13 |
CVE-2007-6750 |
399 |
|
DoS |
2011-12-27 |
2012-03-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. |
|
14 |
CVE-2007-3847 |
|
|
DoS |
2007-08-23 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. |
|
15 |
CVE-2007-1862 |
|
|
+Info |
2007-06-04 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information. |
|
16 |
CVE-2007-0450 |
22 |
|
Dir. Trav. |
2007-03-16 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. |
|
17 |
CVE-2005-3357 |
399 |
|
DoS |
2005-12-31 |
2011-09-21 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
|
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference. |
|
18 |
CVE-2005-2970 |
|
|
DoS |
2005-10-25 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. |
|
19 |
CVE-2005-2728 |
|
|
DoS |
2005-08-30 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. |
|
20 |
CVE-2005-1268 |
|
|
DoS Overflow |
2005-08-05 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. |
|
21 |
CVE-2004-0942 |
|
|
DoS |
2005-02-09 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters. |
|
22 |
CVE-2004-0809 |
|
|
DoS |
2004-09-16 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. |
|
23 |
CVE-2004-0786 |
|
|
DoS |
2004-10-20 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool. |
|
24 |
CVE-2004-0751 |
|
|
DoS |
2004-10-20 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). |
|
25 |
CVE-2004-0748 |
|
|
DoS |
2004-10-20 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop. |
|
26 |
CVE-2004-0263 |
|
|
+Info |
2004-11-23 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. |
|
27 |
CVE-2004-0174 |
|
|
DoS |
2004-05-04 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." |
|
28 |
CVE-2004-0173 |
|
|
Dir. Trav. |
2004-04-15 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences. |
|
29 |
CVE-2004-0113 |
|
|
DoS |
2004-03-29 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server. |
|
30 |
CVE-2003-0460 |
|
|
DoS |
2003-08-27 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. |
|
31 |
CVE-2003-0254 |
|
|
DoS |
2003-08-18 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. |
|
32 |
CVE-2003-0253 |
|
|
DoS |
2003-08-18 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. |
|
33 |
CVE-2003-0245 |
|
|
DoS Exec Code |
2003-06-09 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. |
|
34 |
CVE-2003-0189 |
|
|
DoS |
2003-06-09 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. |
|
35 |
CVE-2003-0134 |
|
|
DoS |
2003-04-11 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. |
|
36 |
CVE-2003-0132 |
|
|
DoS |
2003-04-11 |
2009-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. |
|
37 |
CVE-2003-0083 |
|
|
|
2003-04-02 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. |
|
38 |
CVE-2003-0020 |
|
|
|
2003-03-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. |
|
39 |
CVE-2003-0017 |
|
|
|
2003-02-07 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. |
|
40 |
CVE-2002-2103 |
|
|
|
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. |
|
41 |
CVE-2002-2012 |
|
|
|
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. |
|
42 |
CVE-2002-1850 |
|
|
DoS |
2002-12-31 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. |
|
43 |
CVE-2002-1593 |
|
|
DoS |
2002-09-25 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module. |
|
44 |
CVE-2002-1592 |
|
|
+Info |
2002-05-06 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. |
|
45 |
CVE-2002-1156 |
|
|
|
2002-10-11 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. |
|
46 |
CVE-2002-0654 |
|
|
|
2002-09-05 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked. |
|
47 |
CVE-2002-0249 |
|
|
|
2002-05-29 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message. |
|
48 |
CVE-2002-0240 |
|
|
|
2002-05-29 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. |
|
49 |
CVE-2001-1556 |
|
|
|
2001-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep. |
|
50 |
CVE-2001-1342 |
|
|
DoS |
2001-05-12 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. |
