| Apache HTTP Server | Number Of NVD | 298 | CRITICAL | 25 | HIGH | 101 | MEDIUM | 159 | LOW | 13 |
| URL | https://httpd.apache.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache. The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server". It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP). |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://httpd.apache.org/download.cgi |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 291 | Apache HTTP Server 2.4 | 2.4.67 | May 4, 2026 | Feb. 21, 2012 | 22 | 39 | 36 | 1 | |||
| 292 | Apache HTTP Server 2.0 | 2.0.65 | July 10, 2013 | April 6, 2002 | July 10, 2013 | 9 | 29 | 73 | 5 | ||
| 293 | Apache HTTP Server 2.3 | 2.3.9 | 8 | 10 | 9 | 0 | |||||
| 294 | Apache HTTP Server 2.2 | 2.2.9 | 12 | 21 | 69 | 7 | |||||
| 295 | Apache HTTP Server 2.1 | 2.1.9 | 9 | 10 | 13 | 0 | |||||
| 296 | Apache HTTP Server 2.0 | 2.0.9 | 9 | 22 | 54 | 4 | |||||
| 297 | Apache HTTP Server 12.2 | 12.2.1.3.0 | 0 | 0 | 0 | 0 | |||||
| 298 | Apache HTTP Server 12.1 | 12.1.3.0.0 | 0 | 0 | 0 | 0 | |||||
| 299 | Apache HTTP Server 11.1 | 11.1.1.9.0 | 0 | 0 | 0 | 0 | |||||
| 300 | Apache HTTP Server 1.99 | 1.99 | 9 | 12 | 12 | 0 | |||||
| 301 | Apache HTTP Server 1.4 | 1.4.0 | 9 | 12 | 12 | 0 | |||||
| 302 | Apache HTTP Server 1.3 | 1.3.9 | 10 | 28 | 43 | 3 | |||||
| 303 | Apache HTTP Server 1.2 | 1.2.9 | 9 | 17 | 19 | 0 | |||||
| 304 | Apache HTTP Server 1.15 | 1.15.17 | 9 | 13 | 12 | 0 | |||||
| 305 | Apache HTTP Server 1.1 | 1.1.1 | 9 | 19 | 20 | 0 | |||||
| 306 | Apache HTTP Server 1.0 | 1.0.5 | 9 | 18 | 20 | 0 | |||||
| 307 | Apache HTTP Server 0.8 | 0.8.14 | 9 | 17 | 19 | 0 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 291 |
- 5.0 |
MEDIUM | A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. |
NVD-CWE-Other
|
CVE-1999-0678 | cpe:2.3:a:apache:http_server:-:* |
2020-10-14 02:09 1999-01-17 |
Show | GitHub Exploit DB Packet Storm | ||||
| 292 |
- 10.0 |
HIGH | Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. |
NVD-CWE-Other
|
CVE-1999-1199 | cpe:2.3:a:apache:http_server:*:* | 1.3.1 |
2023-11-7 10:55 1998-08-7 |
Show | GitHub Exploit DB Packet Storm | |||
| 293 |
- 5.0 |
MEDIUM | Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. |
NVD-CWE-Other
|
CVE-1999-0107 |
cpe:2.3:a:apache:http_server:1.2.5:* cpe:2.3:a:apache:http_server:1.1:* cpe:2.3:a:apache:http_server:1.1.1:* c… |
2022-08-17 16:15 1997-12-30 |
Show | GitHub Exploit DB Packet Storm | ||||
| 294 |
- 7.5 |
HIGH | Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. |
NVD-CWE-Other
|
CVE-1999-0071 | cpe:2.3:a:apache:http_server:1.1.1:* |
2022-08-17 16:15 1997-09-1 |
Show | GitHub Exploit DB Packet Storm | ||||
| 295 |
7.5 5.0 |
HIGH
Network |
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. |
CWE-200
Information Exposure |
CVE-1999-0236 | cpe:2.3:a:apache:http_server:-:* |
2022-08-17 16:15 1997-01-1 |
Show | GitHub Exploit DB Packet Storm | ||||
| 296 |
- 7.5 |
HIGH | List of arbitrary files on Web host via nph-test-cgi script. |
NVD-CWE-Other
|
CVE-1999-0045 |
cpe:2.3:a:apache:http_server:1.1:* cpe:2.3:a:apache:http_server:1.0:* cpe:2.3:a:apache:http_server:1.0.5:* cpe… |
2022-08-17 16:15 1996-12-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 297 |
- 5.0 |
MEDIUM | test-cgi program allows an attacker to list files on the server. |
NVD-CWE-noinfo
|
CVE-1999-0070 | cpe:2.3:a:apache:http_server:*:* | 1.3.0 |
2023-11-7 10:54 1996-04-1 |
Show | GitHub Exploit DB Packet Storm | |||
| 298 |
- 10.0 |
HIGH | phf CGI program allows remote command execution through shell metacharacters. |
CWE-78
OS Command |
CVE-1999-0067 | cpe:2.3:a:apache:http_server:1.0.3:* |
2024-01-27 05:00 1996-03-20 |
Show | GitHub Exploit DB Packet Storm |