Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0926Apache Http Server vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
8.2%
top 7.79%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apache Http Server
Timeline
PublishedSep 3
Latest updateApr 30

Description

Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-57g9-gx79-m728: Apache allows remote attackers to conduct a denial of service via a large number of MIME headers2022-04-30
CVEList
CVE-1999-0926: Apache allows remote attackers to conduct a denial of service via a large number of MIME headers2001-09-12

💥Exploits & PoCs

1
Exploit-DB
Apache 1.2.5/1.3.1 / UnityMail 2.0 - MIME Header Denial of Service1998-08-02
CVE-1999-0926 — Apache Http Server vulnerability | cvebase