Apache

HTTP Server

330 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 60.78%
  • Veröffentlicht 30.11.2011 04:05:58
  • Zuletzt bearbeitet 16.06.2026 23:34:45

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern ma...

Exploit
  • EPSS 4.72%
  • Veröffentlicht 08.11.2011 11:55:05
  • Zuletzt bearbeitet 16.06.2026 23:33:35

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted S...

Exploit
  • EPSS 3.1%
  • Veröffentlicht 08.11.2011 11:55:05
  • Zuletzt bearbeitet 16.06.2026 23:34:53

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to caus...

Exploit
  • EPSS 90.73%
  • Veröffentlicht 05.10.2011 22:55:02
  • Zuletzt bearbeitet 16.06.2026 23:33:09

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, wh...

Exploit
  • EPSS 22.38%
  • Veröffentlicht 20.09.2011 05:55:02
  • Zuletzt bearbeitet 16.06.2026 23:33:07

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP r...

Exploit
  • EPSS 98.95%
  • Veröffentlicht 29.08.2011 15:55:02
  • Zuletzt bearbeitet 16.06.2026 23:32:50

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as e...

  • EPSS 10.32%
  • Veröffentlicht 24.05.2011 23:55:03
  • Zuletzt bearbeitet 16.06.2026 23:30:24

The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecifie...

Exploit
  • EPSS 30.41%
  • Veröffentlicht 16.05.2011 17:55:02
  • Zuletzt bearbeitet 16.06.2026 23:27:19

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac...

  • EPSS 20.17%
  • Veröffentlicht 04.10.2010 21:00:03
  • Zuletzt bearbeitet 16.06.2026 23:18:43

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote ...

  • EPSS 8.28%
  • Veröffentlicht 05.08.2010 18:17:57
  • Zuletzt bearbeitet 16.06.2026 23:21:30

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive resp...