Apache : Security Vulnerabilities, CVEs, Published In 2003 (Denial of service)
Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
Max CVSS
7.5
EPSS Score
5.86%
Published
2003-02-07
Updated
2021-06-06
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
Max CVSS
5.0
EPSS Score
0.35%
Published
2003-02-07
Updated
2017-10-10
A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
Max CVSS
5.0
EPSS Score
91.80%
Published
2003-04-11
Updated
2021-07-15
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
Max CVSS
5.0
EPSS Score
0.89%
Published
2003-04-11
Updated
2021-06-06
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
Max CVSS
5.0
EPSS Score
0.70%
Published
2003-06-09
Updated
2021-06-06
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
Max CVSS
5.0
EPSS Score
96.63%
Published
2003-06-09
Updated
2021-06-06
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
Max CVSS
5.0
EPSS Score
0.28%
Published
2003-08-18
Updated
2021-06-06
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
Max CVSS
5.0
EPSS Score
0.23%
Published
2003-08-18
Updated
2021-06-06
The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
5.80%
Published
2003-08-27
Updated
2021-06-06
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Max CVSS
7.2
EPSS Score
0.10%
Published
2003-11-03
Updated
2021-06-06
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
Max CVSS
5.0
EPSS Score
0.47%
Published
2003-11-17
Updated
2019-03-25
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
Max CVSS
5.0
EPSS Score
4.37%
Published
2003-12-15
Updated
2017-10-11
12 vulnerabilities found