Apache

HTTP Server

330 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 6.77%
  • Veröffentlicht 30.10.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:50

Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.

  • EPSS 11.92%
  • Veröffentlicht 30.10.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:51

split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.

Exploit
  • EPSS 8.86%
  • Veröffentlicht 18.10.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:55

Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.

  • EPSS 56.76%
  • Veröffentlicht 01.10.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:51

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.

  • EPSS 4.31%
  • Veröffentlicht 31.08.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:55:31

Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.

  • EPSS 12.01%
  • Veröffentlicht 12.05.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:56:04

Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a n...

  • EPSS 2.31%
  • Veröffentlicht 12.03.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:53:43

htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.

Exploit
  • EPSS 75.24%
  • Veröffentlicht 12.03.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:55:14

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1...

Exploit
  • EPSS 8.6%
  • Veröffentlicht 16.02.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:53:32

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

  • EPSS 34.58%
  • Veröffentlicht 19.12.2000 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:52:45

mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.