Apache: >> Http Server >> 1.0.5 Security Vulnerabilities
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
CVSS Score
7.5
EPSS Score
0.837
Published
2002-03-21
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
CVSS Score
5.0
EPSS Score
0.117
Published
2000-12-19
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
CVSS Score
10.0
EPSS Score
0.012
Published
1999-12-31
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
CVSS Score
10.0
EPSS Score
0.055
Published
1998-08-07
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
CVSS Score
5.0
EPSS Score
0.12
Published
1997-12-30
List of arbitrary files on Web host via nph-test-cgi script.
CVSS Score
7.5
EPSS Score
0.098
Published
1996-12-10
test-cgi program allows an attacker to list files on the server.
CVSS Score
5.0
EPSS Score
0.41
Published
1996-04-01
Page 6