Search for packages
| purl | pkg:apache/httpd@1.3.33 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-44gh-afxy-aaad
Aliases: CVE-2007-3304 |
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer." |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 22 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 54 other vulnerabilities. |
|
VCID-beah-u8vc-aaaq
Aliases: CVE-2006-3918 |
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ftdm-put6-aaaf
Aliases: CVE-2007-5000 |
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 19 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 49 other vulnerabilities. |
|
VCID-kjcr-z95a-aaae
Aliases: CVE-2007-6388 |
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 19 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 49 other vulnerabilities. |
|
VCID-mjhv-u1xn-aaaa
Aliases: CVE-2006-3747 |
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. |
Affected by 6 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 58 other vulnerabilities. |
|
VCID-ncrq-j3f7-aaag
Aliases: CVE-2010-0010 |
CVE-2010-0010 rhn-apache: buffer overflow via integer overflow vulnerability on 64bit platforms |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-nm2g-nz56-aaas
Aliases: CVE-2006-5752 |
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 22 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 54 other vulnerabilities. |
|
VCID-qpz8-ys7s-aaam
Aliases: CVE-2005-3352 |
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 27 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 59 other vulnerabilities. |
|
VCID-wyfa-5v5x-aaam
Aliases: CVE-2011-3368 |
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 21 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-w9jt-7rgt-aaaq | Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. |
CVE-2004-0940
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T12:34:43.308416+00:00 | Apache HTTPD Importer | Affected by | VCID-wyfa-5v5x-aaam | https://httpd.apache.org/security/json/CVE-2011-3368.json | 36.0.0 |
| 2025-03-28T12:34:40.639061+00:00 | Apache HTTPD Importer | Affected by | VCID-ncrq-j3f7-aaag | https://httpd.apache.org/security/json/CVE-2010-0010.json | 36.0.0 |
| 2025-03-28T12:34:36.183126+00:00 | Apache HTTPD Importer | Affected by | VCID-kjcr-z95a-aaae | https://httpd.apache.org/security/json/CVE-2007-6388.json | 36.0.0 |
| 2025-03-28T12:34:35.413551+00:00 | Apache HTTPD Importer | Affected by | VCID-ftdm-put6-aaaf | https://httpd.apache.org/security/json/CVE-2007-5000.json | 36.0.0 |
| 2025-03-28T12:34:34.429959+00:00 | Apache HTTPD Importer | Affected by | VCID-44gh-afxy-aaad | https://httpd.apache.org/security/json/CVE-2007-3304.json | 36.0.0 |
| 2025-03-28T12:34:33.454169+00:00 | Apache HTTPD Importer | Affected by | VCID-nm2g-nz56-aaas | https://httpd.apache.org/security/json/CVE-2006-5752.json | 36.0.0 |
| 2025-03-28T12:34:33.325078+00:00 | Apache HTTPD Importer | Affected by | VCID-beah-u8vc-aaaq | https://httpd.apache.org/security/json/CVE-2006-3918.json | 36.0.0 |
| 2025-03-28T12:34:32.922375+00:00 | Apache HTTPD Importer | Affected by | VCID-mjhv-u1xn-aaaa | https://httpd.apache.org/security/json/CVE-2006-3747.json | 36.0.0 |
| 2025-03-28T12:34:32.166351+00:00 | Apache HTTPD Importer | Affected by | VCID-qpz8-ys7s-aaam | https://httpd.apache.org/security/json/CVE-2005-3352.json | 36.0.0 |
| 2025-03-28T12:34:31.204248+00:00 | Apache HTTPD Importer | Fixing | VCID-w9jt-7rgt-aaaq | https://httpd.apache.org/security/json/CVE-2004-0940.json | 36.0.0 |
| 2024-11-18T22:52:39.330472+00:00 | Apache HTTPD Importer | Affected by | VCID-wyfa-5v5x-aaam | https://httpd.apache.org/security/json/CVE-2011-3368.json | 34.3.2 |
| 2024-11-18T22:52:34.454724+00:00 | Apache HTTPD Importer | Affected by | VCID-ncrq-j3f7-aaag | https://httpd.apache.org/security/json/CVE-2010-0010.json | 34.3.2 |
| 2024-11-18T22:52:25.820678+00:00 | Apache HTTPD Importer | Affected by | VCID-kjcr-z95a-aaae | https://httpd.apache.org/security/json/CVE-2007-6388.json | 34.3.2 |
| 2024-11-18T22:52:24.663962+00:00 | Apache HTTPD Importer | Affected by | VCID-ftdm-put6-aaaf | https://httpd.apache.org/security/json/CVE-2007-5000.json | 34.3.2 |
| 2024-11-18T22:52:22.993753+00:00 | Apache HTTPD Importer | Affected by | VCID-44gh-afxy-aaad | https://httpd.apache.org/security/json/CVE-2007-3304.json | 34.3.2 |
| 2024-09-18T07:21:09.760224+00:00 | Apache HTTPD Importer | Affected by | VCID-nm2g-nz56-aaas | https://httpd.apache.org/security/json/CVE-2006-5752.json | 34.0.1 |
| 2024-09-18T07:21:09.628850+00:00 | Apache HTTPD Importer | Affected by | VCID-beah-u8vc-aaaq | https://httpd.apache.org/security/json/CVE-2006-3918.json | 34.0.1 |
| 2024-09-18T07:21:09.262337+00:00 | Apache HTTPD Importer | Affected by | VCID-mjhv-u1xn-aaaa | https://httpd.apache.org/security/json/CVE-2006-3747.json | 34.0.1 |
| 2024-09-18T07:21:08.486447+00:00 | Apache HTTPD Importer | Affected by | VCID-qpz8-ys7s-aaam | https://httpd.apache.org/security/json/CVE-2005-3352.json | 34.0.1 |
| 2024-09-18T07:21:07.495246+00:00 | Apache HTTPD Importer | Fixing | VCID-w9jt-7rgt-aaaq | https://httpd.apache.org/security/json/CVE-2004-0940.json | 34.0.1 |
| 2024-01-04T01:33:30.328911+00:00 | Apache HTTPD Importer | Affected by | VCID-wyfa-5v5x-aaam | https://httpd.apache.org/security/json/CVE-2011-3368.json | 34.0.0rc1 |
| 2024-01-04T01:33:27.749956+00:00 | Apache HTTPD Importer | Affected by | VCID-ncrq-j3f7-aaag | https://httpd.apache.org/security/json/CVE-2010-0010.json | 34.0.0rc1 |
| 2024-01-04T01:33:23.455846+00:00 | Apache HTTPD Importer | Affected by | VCID-kjcr-z95a-aaae | https://httpd.apache.org/security/json/CVE-2007-6388.json | 34.0.0rc1 |
| 2024-01-04T01:33:22.728804+00:00 | Apache HTTPD Importer | Affected by | VCID-ftdm-put6-aaaf | https://httpd.apache.org/security/json/CVE-2007-5000.json | 34.0.0rc1 |
| 2024-01-04T01:33:21.782920+00:00 | Apache HTTPD Importer | Affected by | VCID-44gh-afxy-aaad | https://httpd.apache.org/security/json/CVE-2007-3304.json | 34.0.0rc1 |
| 2024-01-04T01:33:20.850123+00:00 | Apache HTTPD Importer | Affected by | VCID-nm2g-nz56-aaas | https://httpd.apache.org/security/json/CVE-2006-5752.json | 34.0.0rc1 |
| 2024-01-04T01:33:20.720805+00:00 | Apache HTTPD Importer | Affected by | VCID-beah-u8vc-aaaq | https://httpd.apache.org/security/json/CVE-2006-3918.json | 34.0.0rc1 |
| 2024-01-04T01:33:20.331703+00:00 | Apache HTTPD Importer | Affected by | VCID-mjhv-u1xn-aaaa | https://httpd.apache.org/security/json/CVE-2006-3747.json | 34.0.0rc1 |
| 2024-01-04T01:33:19.624705+00:00 | Apache HTTPD Importer | Affected by | VCID-qpz8-ys7s-aaam | https://httpd.apache.org/security/json/CVE-2005-3352.json | 34.0.0rc1 |
| 2024-01-04T01:33:18.699416+00:00 | Apache HTTPD Importer | Fixing | VCID-w9jt-7rgt-aaaq | https://httpd.apache.org/security/json/CVE-2004-0940.json | 34.0.0rc1 |