Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0107Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Http Server

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
35.6%
top 2.92%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apache Http Server
Timeline
PublishedDec 30
Latest updateApr 30

Description

Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/http_server9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-qq9g-rvjp-rm4j: Buffer overflow in Apache 12022-04-30
CVEList
CVE-1999-0107: Buffer overflow in Apache 12000-02-04

💥Exploits & PoCs

1
Exploit-DB
Apache 1.2 - Denial of Service1997-12-30
CVE-1999-0107 — Apache Http Server vulnerability | cvebase