National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:apache:http_server:2.4.6
There are 66 matching records.
Displaying matches 61 through 66.
Vuln ID Summary CVSS Severity
CVE-1999-0289

The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.

Published: December 12, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1237

Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.

Published: June 06, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-1412

A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.

Published: June 03, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.

Published: January 17, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.

Published: January 01, 1997; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0070

test-cgi program allows an attacker to list files on the server.

Published: April 01, 1996; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM