Apache Http Server vulnerabilities

310 known vulnerabilities affecting apache/http_server.

Total CVEs: 310
CISA KEV: 5 (actively exploited)
Public exploits: 69
Exploited in wild: 7
Severity breakdown: CRITICAL 35, HIGH 100, MEDIUM 162, LOW 13

Vulnerabilities

Page 13 of 16
CVE-2003-0993 | HIGH | CVSS 7.5 | v1.3, v1.3.1, +20 more | 2004-03-29
CVE-2003-0993 [HIGH]: mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
nvd
CVE-2004-0113 | MEDIUM | CVSS 5.0 | v2.0.35, v2.0.36, +12 more | 2004-03-29
CVE-2004-0113 [MEDIUM]: Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
nvd
CVE-2004-1834 | LOW | CVSS 2.1 | v2.0, v2.0.9, +17 more | 2004-03-20
CVE-2004-1834 [LOW]: mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
nvd
CVE-2003-0987 | HIGH | CVSS 7.5 | ≤ 1.3.30 | 2004-03-03
CVE-2003-0987 [HIGH]: mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using an AuthNonce secret.
nvd
CVE-2004-1082 | HIGH | CVSS 7.5 | v1.3, v1.3.1, +20 more | 2004-02-03
CVE-2004-1082 [HIGH]: mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
nvd
CVE-2003-1307 | MEDIUM | CVSS 4.3 | PoC | v2.0, v2.0.9, +17 more | 2003-12-31
CVE-2003-1307 [MEDIUM]: The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The op
nvd
CVE-2003-1418 | MEDIUM | CVSS 4.3 | v1.3.22, v1.3.23, +4 more | 2003-12-31
CVE-2003-1418 [MEDIUM] CWE-200: Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
nvd
CVE-2003-0789 | CRITICAL | CVSS 10.0 | ≥ 2.0.35, < 2.0.48 | 2003-11-03
CVE-2003-0789 [CRITICAL]: mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
nvd
CVE-2003-0542 | HIGH | CVSS 7.2 | v1.3, v1.3.1, +34 more | 2003-11-03
CVE-2003-0542 [HIGH] CWE-119: Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
nvd
CVE-2003-0460 | MEDIUM | CVSS 5.0 | ≤ 1.3.27 | 2003-08-27
CVE-2003-0460 [MEDIUM]: The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
nvd
CVE-2003-0192 | MEDIUM | CVSS 6.4 | v2.0, v2.0.28, +13 more | 2003-08-18
CVE-2003-0192 [MEDIUM]: Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
nvd
CVE-2003-0253 | MEDIUM | CVSS 5.0 | v2.0, v2.0.28, +13 more | 2003-08-18
CVE-2003-0253 [MEDIUM]: The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
nvd
CVE-2003-0254 | MEDIUM | CVSS 5.0 | v2.0, v2.0.28, +13 more | 2003-08-18
CVE-2003-0254 [MEDIUM]: Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
nvd
CVE-2003-0245 | MEDIUM | CVSS 5.0 | PoC | v2.0.37, v2.0.38, +7 more | 2003-06-09
CVE-2003-0245 [MEDIUM]: Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
nvd
CVE-2003-0189 | MEDIUM | CVSS 5.0 | v2.0.40, v2.0.41, +4 more | 2003-06-09
CVE-2003-0189 [MEDIUM]: The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
nvd
CVE-2003-0134 | MEDIUM | CVSS 5.0 | v2.0, v2.0.9, +13 more | 2003-04-11
CVE-2003-0134 [MEDIUM]: Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
nvd
CVE-2003-0132 | MEDIUM | CVSS 5.0 | PoC | ≥ 2.0.0, ≤ 2.0.44 | 2003-04-11
CVE-2003-0132 [MEDIUM] CWE-772: A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
nvd
CVE-2003-0083 | MEDIUM | CVSS 5.0 | PoC | ≥ 1.3.0, < 1.3.26; ≥ 2.0.0, < 2.0.46 | 2003-04-02
CVE-2003-0083 [MEDIUM]: Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 do not filter terminal escape sequences from their access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
nvd
CVE-2003-0020 | MEDIUM | CVSS 5.0 | PoC | ≥ 1.3.0, < 1.3.31; ≥ 2.0.0, < 2.0.49 | 2003-03-18
CVE-2003-0020 [MEDIUM]: Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
nvd
CVE-2003-0016 | HIGH | CVSS 7.5 | v2.0.36, v2.0.37, +6 more | 2003-02-07
CVE-2003-0016 [HIGH]: Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
nvd