Apache » Http Server : Security Vulnerabilities, CVEs, Published In 2002 (Denial of service)
CVE-2002-0392
Public exploit
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Max CVSS
7.5
EPSS Score
75.28%
Published
2002-07-03
Updated
2021-07-15
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
Max CVSS
7.8
EPSS Score
0.72%
Published
2002-12-31
Updated
2017-07-29
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
Max CVSS
7.5
EPSS Score
0.42%
Published
2002-12-31
Updated
2024-02-09
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
Max CVSS
5.0
EPSS Score
2.71%
Published
2002-09-25
Updated
2021-06-06
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
Max CVSS
7.5
EPSS Score
0.51%
Published
2002-10-11
Updated
2021-06-06
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Max CVSS
7.2
EPSS Score
0.09%
Published
2002-10-11
Updated
2022-09-23
6 vulnerabilities found