This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:http_server:2.2.8
Detail
VendorApacheFirst view 2008-06-13
ProductHttp ServerLast view2019-04-08
Version2.2.8TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:http_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
62019-04-08CVE-2019-0217NetworkMediumRequires ...
52019-01-30CVE-2018-17189NetworkLowNone Requ...
4.32018-08-14CVE-2016-4975NetworkMediumNone Requ...
6.82018-03-26CVE-2018-1312NetworkMediumNone Requ...
52018-03-26CVE-2018-1303NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32018-03-26CVE-2018-1302NetworkMediumNone Requ...
4.32018-03-26CVE-2018-1301NetworkMediumNone Requ...
3.32018-03-09CVE-2016-8612Adjacent ...LowNone Requ...
52017-09-18CVE-2017-9798NetworkLowNone Requ...
6.42017-07-13CVE-2017-9788NetworkLowNone Requ...
7.52017-06-19CVE-2017-7679NetworkLowNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
52015-07-20CVE-2015-3183NetworkLowNone Requ...
52015-03-07CVE-2015-0228NetworkLowNone Requ...
52014-07-20CVE-2014-0231NetworkLowNone Requ...
6.82014-07-20CVE-2014-0226NetworkMediumNone Requ...
4.32014-07-20CVE-2014-0118NetworkMediumNone Requ...
52014-03-18CVE-2014-0098NetworkLowNone Requ...
52014-03-18CVE-2013-6438NetworkLowNone Requ...
7.52013-07-23CVE-2013-2249NetworkLowNone Requ...
4.32013-07-10CVE-2013-1896NetworkMediumNone Requ...
5.12013-06-10CVE-2013-1862NetworkHighNone Requ...
4.32013-02-26CVE-2012-4558NetworkMediumNone Requ...
4.32013-02-26CVE-2012-3499NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
22% (10)CWE-20Improper Input Validation
20% (9)CWE-399Resource Management Errors
8% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
6% (3)CWE-264Permissions, Privileges, and Access Controls
4% (2)CWE-362Race Condition
Hide | Show 13 More...
%idName
4% (2)CWE-310Cryptographic Issues
4% (2)CWE-200Information Exposure
4% (2)CWE-189Numeric Errors
4% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1)CWE-476NULL Pointer Dereference
2% (1)CWE-416Use After Free
2% (1)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1)CWE-287Improper Authentication
2% (1)CWE-284Access Control (Authorization) Issues
2% (1)CWE-125Out-of-bounds Read
2% (1)CWE-93Failure to Sanitize CRLF Sequences ('CRLF Injection')
2% (1)CWE-17Code
2% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:25379RHSA-2014:0920: httpd security update (Important)
oval:org.mitre.oval:def:25253RHSA-2014:0921: httpd security update (Important)
oval:org.mitre.oval:def:26259DSA-2989-1 -- apache2 - security update
oval:org.mitre.oval:def:25884USN-2299-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:26461SUSE-SU-2014:0967-1 -- Security update for the Apache Web Server
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:27060ELSA-2014-0920 -- httpd security update (important)
oval:org.mitre.oval:def:28909HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:7716Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
oval:org.mitre.oval:def:13835USN-731-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:11316Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp ...
oval:org.mitre.oval:def:21751ELSA-2008:0967: httpd security and bug fix update (Moderate)
oval:org.mitre.oval:def:29289RHSA-2008:0967 -- httpd security and bug fix update (Moderate)
oval:org.mitre.oval:def:18977HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary...
oval:org.mitre.oval:def:19686HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:8695Apache HTTP Server request header information disclosure
oval:org.mitre.oval:def:7161DSA-2035 apache2 -- multiple issues
oval:org.mitre.oval:def:21223RHSA-2010:0168: httpd security and enhancement update (Moderate)
oval:org.mitre.oval:def:13227DSA-2035-1 apache2 -- multiple issues
oval:org.mitre.oval:def:13100USN-908-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:10358The ap_read_request function in server/protocol.c in the Apache HTTP Server 2...
oval:org.mitre.oval:def:22685ELSA-2010:0168: httpd security and enhancement update (Moderate)
oval:org.mitre.oval:def:27438DEPRECATED: ELSA-2010-0168 -- httpd security and enhancement update (moderate)
oval:org.mitre.oval:def:8439Apache 'mod_isapi' Memory Corruption Vulnerability
oval:org.mitre.oval:def:19739HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:21205RHSA-2013:1156: httpd security update (Moderate)

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78556Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Dis...
78293Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
78079GoAhead WebServer Partial HTTP Request Parsing Remote DoS
77832Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
77444Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing ...
Hide | Show 20 More...
idDescription
77310Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (201...
77012Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
76744Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
76079Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Secur...
75647Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remot...
75622Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74721Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
74335Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
73388Multiple Vendor libc Implentation fnmatch.c Memory Consumption DoS
73383Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop...
71961Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66745Apache HTTP Server Multiple Modules Pathless Request Remote DoS
66315HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection

ExploitDB Exploits

idDescription
18221Apache HTTP Server Denial of Service
17969Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
14288Write-to-file Shellcode (Win32)
11650Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
10579TLS Renegotiation Vulnerability PoC Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-11-26Name : FreeBSD Ports: apache22
File : nvt/freebsd_apache22.nasl
2012-11-09Name : Ubuntu Update for apache2 USN-1627-1
File : nvt/gb_ubuntu_USN_1627_1.nasl
2012-10-03Name : Mandriva Update for apache MDVSA-2012:154-1 (apache)
File : nvt/gb_mandriva_MDVSA_2012_154_1.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-10Name : Slackware Advisory SSA:2011-133-01 apr/apr-util
File : nvt/esoft_slk_ssa_2011_133_01.nasl
Hide | Show 20 More...
idDescription
2012-09-10Name : Slackware Advisory SSA:2011-252-01 httpd
File : nvt/esoft_slk_ssa_2011_252_01.nasl
2012-09-10Name : Slackware Advisory SSA:2011-284-01 httpd
File : nvt/esoft_slk_ssa_2011_284_01.nasl
2012-09-10Name : Slackware Advisory SSA:2012-041-01 httpd
File : nvt/esoft_slk_ssa_2012_041_01.nasl
2012-08-10Name : FreeBSD Ports: apache
File : nvt/freebsd_apache21.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-25 (apache)
File : nvt/glsa_201206_25.nasl
2012-08-02Name : SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
File : nvt/gb_suse_2012_0314_1.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1245 centos4 x86_64
File : nvt/gb_CESA-2011_1245_httpd_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos4 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos5 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos4 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos5 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos4 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos5 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2012:0128 centos6
File : nvt/gb_CESA-2012_0128_httpd_centos6.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2011:1391-01
File : nvt/gb_RHSA-2011_1391-01_httpd.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2012:0128-01
File : nvt/gb_RHSA-2012_0128-01_httpd.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-22 (nginx)
File : nvt/glsa_201203_22.nasl
2012-04-26Name : Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
File : nvt/secpod_apache_http_srv_cookie_info_disc_vuln.nasl
2012-04-02Name : Fedora Update for httpd FEDORA-2012-1598
File : nvt/gb_fedora_2012_1598_httpd_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0174Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0061135
2015-A-0149Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance
Severity : Category I - VMSKEY : V0061101
2015-B-0083Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
Hide | Show 10 More...
idDescription
2014-A-0114Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0053307
2014-A-0084Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0052631
2014-B-0065Multiple Vulnerabilities in IBM WebSphere Application Server
Severity : Category I - VMSKEY : V0051617
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2014-A-0009Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-A-0146Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573
2012-B-0048Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2012-B-0038Multiple Vulnerabilities in HP Onboard Administrator
Severity : Category I - VMSKEY : V0031972
2011-A-0066Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

DateDescription
2019-10-17Apache cookie logging denial of service attempt
RuleID : 51547 - Type : SERVER-APACHE - Revision : 1
2018-06-05HTTP request smuggling attempt
RuleID : 46495 - Type : SERVER-OTHER - Revision : 4
2017-12-13Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ...
RuleID : 44808 - Type : INDICATOR-COMPROMISE - Revision : 2
2017-10-26Apache HTTP Server possible OPTIONS method memory leak attempt
RuleID : 44434 - Type : SERVER-APACHE - Revision : 5
2017-08-31Apache mod_auth_digest out of bounds read attempt
RuleID : 43790 - Type : SERVER-OTHER - Revision : 2
Hide | Show 16 More...
DateDescription
2017-08-15httpd mod_mime content-type buffer overflow attempt
RuleID : 43547 - Type : SERVER-APACHE - Revision : 2
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
2016-04-05Apache HTTP server potential cookie disclosure attempt
RuleID : 37968 - Type : SERVER-WEBAPP - Revision : 1
2014-01-10Multiple Products IFRAME src javascript code execution
RuleID : 3679 - Type : INDICATOR-OBFUSCATION - Revision : 18
2015-09-01Apache HTTP Server mod_status heap buffer overflow attempt
RuleID : 35406 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache mod_proxy_balancer cross site scripting attempt
RuleID : 26431 - Type : SERVER-WEBAPP - Revision : 3
2014-01-10Apache server mod_proxy reverse proxy bypass attempt
RuleID : 21214 - Type : SERVER-APACHE - Revision : 11
2014-01-10Apache server mod_proxy reverse proxy exposure attempt
RuleID : 20580 - Type : WEB-MISC - Revision : 2
2014-01-10Apache mod_proxy reverse proxy information disclosure attempt
RuleID : 20528 - Type : SERVER-APACHE - Revision : 13
2014-01-10Apache Killer denial of service tool exploit attempt
RuleID : 19825 - Type : SERVER-APACHE - Revision : 13
2014-01-10Apache APR apr_fn match infinite loop denial of service attempt
RuleID : 19709 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache mod_isapi dangling pointer exploit attempt
RuleID : 19124 - Type : SERVER-APACHE - Revision : 7
2014-01-10Apache mod_isapi dangling pointer code execution attempt
RuleID : 19107 - Type : SERVER-APACHE - Revision : 10
2014-01-10Apache mod_isapi dangling pointer exploit attempt
RuleID : 16480 - Type : SERVER-APACHE - Revision : 5
2014-01-10Apache mod_isapi dangling pointer exploit attempt - public shell code
RuleID : 16479 - Type : SERVER-APACHE - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-eec13e2e8d.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-6744ca470d.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2478.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2972.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0027.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0126.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0037.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0039.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1212.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1213.nasl - Type : ACT_GATHER_INFO
2018-05-31Name : The remote Debian host is missing a security update.
File : debian_DLA-1389.nasl - Type : ACT_GATHER_INFO
2018-05-29Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1151.nasl - Type : ACT_GATHER_INFO
2018-05-29Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1152.nasl - Type : ACT_GATHER_INFO
2018-05-24Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL75429050.nasl - Type : ACT_GATHER_INFO
2018-05-14Name : The remote Fedora host is missing a security update.
File : fedora_2018-e6d9251471.nasl - Type : ACT_GATHER_INFO
2018-05-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1004.nasl - Type : ACT_GATHER_INFO
2018-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2018-63de5f3f6b.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-0a95bff197.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-375e3244b6.nasl - Type : ACT_GATHER_INFO
2018-04-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4164.nasl - Type : ACT_GATHER_INFO
2018-04-03Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2018-03-30Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_30.nasl - Type : ACT_GATHER_INFO
2018-03-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f38187e72f6e11e88f07b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-03-21Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa_10838.nasl - Type : ACT_GATHER_INFO
2018-03-09Name : The remote web server is affected by multiple vulnerabilities.
File : nginx_0_7_64.nasl - Type : ACT_GATHER_INFO