Filtered by vendor Apache Subscriptions
Total 2344 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2000-0913 1 Apache 1 Http Server 2024-11-21 N/A
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
CVE-2000-0869 2 Apache, Suse 2 Http Server, Suse Linux 2024-11-21 N/A
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
CVE-2000-0868 2 Apache, Suse 2 Http Server, Suse Linux 2024-11-21 N/A
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
CVE-2000-0760 1 Apache 1 Tomcat 2024-11-21 N/A
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
CVE-2000-0759 1 Apache 1 Tomcat 2024-11-21 N/A
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
CVE-2000-0672 1 Apache 1 Tomcat 2024-11-21 N/A
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
CVE-2000-0505 2 Apache, Ibm 2 Http Server, Http Server 2024-11-21 N/A
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
CVE-1999-1412 2 Apache, Apple 2 Http Server, Macos 2024-11-21 N/A
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
CVE-1999-1293 1 Apache 1 Http Server 2024-11-21 N/A
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
CVE-1999-1237 1 Apache 1 Http Server 2024-11-21 N/A
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
CVE-1999-1199 1 Apache 1 Http Server 2024-11-21 N/A
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
CVE-1999-1053 2 Apache, Matt Wright 2 Http Server, Matt Wright Guestbook 2024-11-21 N/A
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
CVE-1999-0926 1 Apache 1 Http Server 2024-11-21 N/A
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
CVE-1999-0678 2 Apache, Debian 2 Http Server, Debian Linux 2024-11-21 N/A
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
CVE-1999-0289 2 Apache, Microsoft 2 Http Server, Windows 2024-11-21 N/A
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
CVE-1999-0236 2 Apache, Illinois 2 Http Server, Ncsa Httpd 2024-11-21 7.5 High
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
CVE-1999-0107 1 Apache 1 Http Server 2024-11-21 N/A
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
CVE-1999-0071 1 Apache 1 Http Server 2024-11-21 N/A
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
CVE-1999-0070 1 Apache 1 Http Server 2024-11-21 N/A
test-cgi program allows an attacker to list files on the server.
CVE-1999-0067 2 Apache, Ncsa 2 Http Server, Ncsa Httpd 2024-11-21 N/A
phf CGI program allows remote command execution through shell metacharacters.