IBM » Http Server : Security Vulnerabilities, CVEs, (Denial of service)
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
Max CVSS
7.5
EPSS Score
0.12%
Published
2023-03-01
Updated
2023-03-10
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Max CVSS
6.4
EPSS Score
96.23%
Published
2004-08-06
Updated
2021-06-06
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Max CVSS
10.0
EPSS Score
1.23%
Published
2004-08-06
Updated
2021-06-06
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error.
Max CVSS
5.0
EPSS Score
1.29%
Published
2001-03-13
Updated
2017-10-10
IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
Max CVSS
7.5
EPSS Score
0.95%
Published
2001-01-09
Updated
2016-10-18
5 vulnerabilities found