This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:http_server:2.0.32
Detail
VendorApacheFirst view 2002-05-06
ProductHttp ServerLast view2019-04-08
Version2.0.32TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:http_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
62019-04-08CVE-2019-0217NetworkMediumRequires ...
52019-01-30CVE-2018-17189NetworkLowNone Requ...
52018-03-26CVE-2018-1303NetworkLowNone Requ...
4.32018-03-26CVE-2018-1302NetworkMediumNone Requ...
4.32018-03-26CVE-2018-1301NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.32018-03-09CVE-2016-8612Adjacent ...LowNone Requ...
52017-09-18CVE-2017-9798NetworkLowNone Requ...
6.42017-07-13CVE-2017-9788NetworkLowNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
52015-07-20CVE-2015-3183NetworkLowNone Requ...
52015-03-07CVE-2015-0228NetworkLowNone Requ...
52014-07-20CVE-2014-0231NetworkLowNone Requ...
6.82014-07-20CVE-2014-0226NetworkMediumNone Requ...
4.32014-07-20CVE-2014-0118NetworkMediumNone Requ...
52014-03-18CVE-2014-0098NetworkLowNone Requ...
52014-03-18CVE-2013-6438NetworkLowNone Requ...
7.52013-07-23CVE-2013-2249NetworkLowNone Requ...
4.32013-07-10CVE-2013-1896NetworkMediumNone Requ...
6.92012-04-18CVE-2012-0883LocalMediumNone Requ...
4.62012-01-18CVE-2012-0031LocalLowNone Requ...
52011-12-27CVE-2007-6750NetworkLowNone Requ...
4.32011-11-29CVE-2011-4317NetworkMediumNone Requ...
4.32011-11-29CVE-2011-3639NetworkMediumNone Requ...
1.22011-11-08CVE-2011-4415LocalHighNone Requ...

CWE : Common Weakness Enumeration

%idName
23% (10)CWE-20Improper Input Validation
21% (9)CWE-399Resource Management Errors
9% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (2)CWE-362Race Condition
4% (2)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 13 More...
%idName
4% (2)CWE-189Numeric Errors
4% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1)CWE-476NULL Pointer Dereference
2% (1)CWE-416Use After Free
2% (1)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1)CWE-310Cryptographic Issues
2% (1)CWE-284Access Control (Authorization) Issues
2% (1)CWE-200Information Exposure
2% (1)CWE-125Out-of-bounds Read
2% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
2% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
2% (1)CWE-17Code
2% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-6Argument Injection
CAPEC-15Command Delimiters
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-43Exploiting Multiple Input Interpretation Layers
Hide | Show 10 More...
idName
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-63Simple Script Injection
CAPEC-71Using Unicode Encoding to Bypass Validation Logic
CAPEC-73User-Controlled Filename
CAPEC-85Client Network Footprinting (using AJAX/XSS)
CAPEC-86Embedding Script (XSS ) in HTTP Headers
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-163Spear Phishing
CAPEC-198Cross-Site Scripting in Error Pages

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:10416ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient opt...
oval:org.mitre.oval:def:11133mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including ...
oval:org.mitre.oval:def:11380The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and e...
oval:org.mitre.oval:def:25379RHSA-2014:0920: httpd security update (Important)
oval:org.mitre.oval:def:25253RHSA-2014:0921: httpd security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:26259DSA-2989-1 -- apache2 - security update
oval:org.mitre.oval:def:25884USN-2299-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:26461SUSE-SU-2014:0967-1 -- Security update for the Apache Web Server
oval:org.mitre.oval:def:27060ELSA-2014-0920 -- httpd security update (important)
oval:org.mitre.oval:def:28909HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:7716Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
oval:org.mitre.oval:def:13835USN-731-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:11316Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp ...
oval:org.mitre.oval:def:21751ELSA-2008:0967: httpd security and bug fix update (Moderate)
oval:org.mitre.oval:def:29289RHSA-2008:0967 -- httpd security and bug fix update (Moderate)
oval:org.mitre.oval:def:11561Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apach...
oval:org.mitre.oval:def:19686HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:8439Apache 'mod_isapi' Memory Corruption Vulnerability
oval:org.mitre.oval:def:19739HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:21205RHSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:19747HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Servi...
oval:org.mitre.oval:def:18835Apache HTTP vulnerability before 2.2.25 in VisualSVN Server (CVE-2013-1896)
oval:org.mitre.oval:def:18274USN-1903-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:23801ELSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:23320DEPRECATED: ELSA-2013:1156: httpd security update (Moderate)

SAINT Exploits

DescriptionLink
Apache chunked encoding buffer overflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78293Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
78079GoAhead WebServer Partial HTTP Request Parsing Remote DoS
77832Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
77444Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing ...
77310Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (201...
Hide | Show 20 More...
idDescription
77012Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
76744Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
76079Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Secur...
75647Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remot...
75622Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74721Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
74335Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
73388Multiple Vendor libc Implentation fnmatch.c Memory Consumption DoS
73383Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop...
71961Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66315HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection
64725HP System Management Homepage (SMH) TLS Renegotiation Handshakes MiTM Plainte...
64499ArubaOS HTTPS WebUI Admin Interface TLS Renegotiation Handshakes MiTM Plainte...

ExploitDB Exploits

idDescription
18221Apache HTTP Server Denial of Service
17969Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
14288Write-to-file Shellcode (Win32)
11650Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
10579TLS Renegotiation Vulnerability PoC Exploit
Hide | Show 1 More...
idDescription
855Apache <= 2.0.52 HTTP GET request Denial of Service Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-03Name : Mandriva Update for apache MDVSA-2012:154-1 (apache)
File : nvt/gb_mandriva_MDVSA_2012_154_1.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-10Name : Slackware Advisory SSA:2011-133-01 apr/apr-util
File : nvt/esoft_slk_ssa_2011_133_01.nasl
2012-09-10Name : Slackware Advisory SSA:2011-252-01 httpd
File : nvt/esoft_slk_ssa_2011_252_01.nasl
2012-09-10Name : Slackware Advisory SSA:2011-284-01 httpd
File : nvt/esoft_slk_ssa_2011_284_01.nasl
Hide | Show 20 More...
idDescription
2012-09-10Name : Slackware Advisory SSA:2012-041-01 httpd
File : nvt/esoft_slk_ssa_2012_041_01.nasl
2012-08-10Name : FreeBSD Ports: apache
File : nvt/freebsd_apache21.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-25 (apache)
File : nvt/glsa_201206_25.nasl
2012-08-02Name : SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
File : nvt/gb_suse_2012_0314_1.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1245 centos4 x86_64
File : nvt/gb_CESA-2011_1245_httpd_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos4 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos5 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos4 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos5 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos4 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos5 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2012:0128 centos6
File : nvt/gb_CESA-2012_0128_httpd_centos6.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2011:1391-01
File : nvt/gb_RHSA-2011_1391-01_httpd.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2012:0128-01
File : nvt/gb_RHSA-2012_0128-01_httpd.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-22 (nginx)
File : nvt/glsa_201203_22.nasl
2012-04-02Name : Fedora Update for httpd FEDORA-2012-1598
File : nvt/gb_fedora_2012_1598_httpd_fc16.nasl
2012-04-02Name : Fedora Update for httpd FEDORA-2011-12667
File : nvt/gb_fedora_2011_12667_httpd_fc16.nasl
2012-03-16Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-07Name : Fedora Update for httpd FEDORA-2012-1642
File : nvt/gb_fedora_2012_1642_httpd_fc15.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0174Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0061135
2015-A-0149Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance
Severity : Category I - VMSKEY : V0061101
2015-B-0083Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
Hide | Show 9 More...
idDescription
2014-A-0114Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0053307
2014-A-0084Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0052631
2014-B-0065Multiple Vulnerabilities in IBM WebSphere Application Server
Severity : Category I - VMSKEY : V0051617
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-A-0146Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573
2012-B-0048Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2012-B-0038Multiple Vulnerabilities in HP Onboard Administrator
Severity : Category I - VMSKEY : V0031972
2011-A-0066Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10Apache malformed ipv6 uri overflow attempt
RuleID : 5715 - Type : SERVER-APACHE - Revision : 11
2018-06-05HTTP request smuggling attempt
RuleID : 46495 - Type : SERVER-OTHER - Revision : 4
2018-02-03Apache SSI error page cross-site scripting attempt
RuleID : 45307 - Type : SERVER-APACHE - Revision : 2
2017-12-13Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ...
RuleID : 44808 - Type : INDICATOR-COMPROMISE - Revision : 2
2017-10-26Apache HTTP Server possible OPTIONS method memory leak attempt
RuleID : 44434 - Type : SERVER-APACHE - Revision : 5
Hide | Show 20 More...
DateDescription
2017-08-31Apache mod_auth_digest out of bounds read attempt
RuleID : 43790 - Type : SERVER-OTHER - Revision : 2
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
2014-01-10Multiple Products IFRAME src javascript code execution
RuleID : 3679 - Type : INDICATOR-OBFUSCATION - Revision : 18
2015-09-01Apache HTTP Server mod_status heap buffer overflow attempt
RuleID : 35406 - Type : SERVER-APACHE - Revision : 4
2014-07-10Apache Chunked-Encoding worm attempt
RuleID : 31405-community - Type : SERVER-APACHE - Revision : 2
2014-11-16Apache Chunked-Encoding worm attempt
RuleID : 31405 - Type : SERVER-APACHE - Revision : 2
2014-01-10Apache URI directory traversal attempt
RuleID : 21356 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache Byte-Range Filter denial of service attempt
RuleID : 21260 - Type : SERVER-APACHE - Revision : 8
2014-01-10Apache server mod_proxy reverse proxy bypass attempt
RuleID : 21214 - Type : SERVER-APACHE - Revision : 11
2014-01-10Apache server mod_proxy reverse proxy exposure attempt
RuleID : 20580 - Type : WEB-MISC - Revision : 2
2014-01-10Apache mod_proxy reverse proxy information disclosure attempt
RuleID : 20528 - Type : SERVER-APACHE - Revision : 13
2014-01-10Apache Killer denial of service tool exploit attempt
RuleID : 19825 - Type : SERVER-APACHE - Revision : 13
2014-01-10Apache APR apr_fn match infinite loop denial of service attempt
RuleID : 19709 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache mod_isapi dangling pointer exploit attempt
RuleID : 19124 - Type : SERVER-APACHE - Revision : 7
2014-01-10Apache mod_isapi dangling pointer code execution attempt
RuleID : 19107 - Type : SERVER-APACHE - Revision : 10
2014-01-10Apache Chunked-Encoding worm attempt
RuleID : 1809-community - Type : SERVER-APACHE - Revision : 19
2014-01-10Apache Chunked-Encoding worm attempt
RuleID : 1809 - Type : SERVER-APACHE - Revision : 19
2014-01-10apache chunked encoding memory corruption exploit attempt
RuleID : 1808-community - Type : SERVER-WEBAPP - Revision : 16
2014-01-10apache chunked encoding memory corruption exploit attempt
RuleID : 1808 - Type : SERVER-WEBAPP - Revision : 16

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-eec13e2e8d.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-6744ca470d.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2478.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2972.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0027.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0126.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0037.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0039.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1212.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1213.nasl - Type : ACT_GATHER_INFO
2018-05-31Name : The remote Debian host is missing a security update.
File : debian_DLA-1389.nasl - Type : ACT_GATHER_INFO
2018-05-14Name : The remote Fedora host is missing a security update.
File : fedora_2018-e6d9251471.nasl - Type : ACT_GATHER_INFO
2018-05-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1004.nasl - Type : ACT_GATHER_INFO
2018-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2018-63de5f3f6b.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-0a95bff197.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-375e3244b6.nasl - Type : ACT_GATHER_INFO
2018-04-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4164.nasl - Type : ACT_GATHER_INFO
2018-04-03Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2018-03-30Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_30.nasl - Type : ACT_GATHER_INFO
2018-03-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f38187e72f6e11e88f07b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-03-21Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa_10838.nasl - Type : ACT_GATHER_INFO
2018-03-09Name : The remote web server is affected by multiple vulnerabilities.
File : nginx_0_7_64.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-fdd3a98e8f.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_2.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2017-005.nasl - Type : ACT_GATHER_INFO