Apache » Http Server : Security Vulnerabilities, CVEs, Published In 1999
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
Max CVSS
10.0
EPSS Score
0.39%
Published
1999-09-03
Updated
2008-09-05
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
Max CVSS
10.0
EPSS Score
0.13%
Published
1999-06-06
Updated
2020-07-21
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
Max CVSS
10.0
EPSS Score
0.36%
Published
1999-12-31
Updated
2016-10-18
CVE-1999-1053
Public exploit
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
Max CVSS
7.5
EPSS Score
94.36%
Published
1999-09-13
Updated
2008-09-05
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
Max CVSS
5.0
EPSS Score
0.19%
Published
1999-12-12
Updated
2022-08-17
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
Max CVSS
5.0
EPSS Score
2.94%
Published
1999-01-17
Updated
2020-10-13
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
Max CVSS
5.0
EPSS Score
0.23%
Published
1999-06-03
Updated
2021-09-22
Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
Max CVSS
5.0
EPSS Score
0.71%
Published
1999-08-20
Updated
2021-06-06
8 vulnerabilities found