Headline

CVE-2009-1890

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.

15 years ago

CVE

Open in Source

#dos #apache #perl

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

11 years ago

CVE

Open in Source

#sql #vulnerability #web #windows #google #linux #memcached #java #oracle #kubernetes #intel #auth #zero_day #docker

CVE-2012-0053: Apache HTTP Server 2.2 vulnerabilities

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

13 years ago

CVE

Open in Source

#xss #csrf #vulnerability #web #ios #windows #google #dos #apache #perl #ldap #vmware #buffer_overflow #auth #ibm #sap #ssl

CVE-2009-1891: #534712 - apache2.2-common: DOS possible with mod_deflate

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

15 years ago

CVE

Open in Source