Apache : Security Vulnerabilities, CVEs, Published In November 2004
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
Max CVSS
7.5
EPSS Score
0.18%
Published
2004-11-03
Updated
2021-06-06
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
Max CVSS
5.0
EPSS Score
0.30%
Published
2004-11-23
Updated
2017-10-10
2 vulnerabilities found