- EPSS 55.11%
- Veröffentlicht 09.02.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:42
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
CVE-2004-0811
- EPSS 6.81%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:26
Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
CVE-2004-1387
- EPSS 0.55%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:36
The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVE-2004-2343
- EPSS 0.6%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:28
Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the...
- EPSS 3.49%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:16
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
CVE-2004-0885
- EPSS 13.84%
- Veröffentlicht 03.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:35
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host config...
CVE-2004-0747
- EPSS 1.61%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:17
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
- EPSS 22.31%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:17
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
- EPSS 69.65%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:17
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
- EPSS 21.77%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:22
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.