You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mj...@apache.org on 2021/03/30 10:13:34 UTC
svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
Added: httpd/site/trunk/content/security/json/CVE-2005-2700.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2005-2700.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2005-2700.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2005-2700.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,177 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-08-30",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2005-08-30",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2005-10-14",
+ "lang": "eng",
+ "value": "2.0.55 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2005-08-30",
+ "ID": "CVE-2005-2700",
+ "TITLE": "SSLVerifyClient bypass"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "SSLVerifyClient bypass"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw in the mod_ssl handling of the \"SSLVerifyClient\" directive. This flaw would occur if a virtual host has been configured using \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient required\" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2005-2728.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2005-2728.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2005-2728.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2005-2728.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,177 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-07-07",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2005-07-07",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2005-10-14",
+ "lang": "eng",
+ "value": "2.0.55 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2005-07-07",
+ "ID": "CVE-2005-2728",
+ "TITLE": "Byterange filter DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Byterange filter DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw in the byterange filter would cause some responses to be buffered into memory. If a server has a dynamic resource such as a CGI script or PHP script which generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2005-2970.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2005-2970.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2005-2970.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2005-2970.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,161 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-10-14",
+ "lang": "eng",
+ "value": "2.0.55 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "ID": "CVE-2005-2970",
+ "TITLE": "Worker MPM memory leak"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Worker MPM memory leak"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2005-3352.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2005-3352.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2005-3352.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2005-3352.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,312 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-11-01",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2005-12-12",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "2.2.2 released"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "2.0.58 released"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "1.3.35 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2005-12-12",
+ "ID": "CVE-2005-3352",
+ "TITLE": "mod_imap Referer Cross-Site Scripting"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_imap Referer Cross-Site Scripting"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2005-3357.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2005-3357.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2005-3357.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2005-3357.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,192 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-12-05",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2005-12-12",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "2.2.2 released"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "2.0.58 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2005-12-12",
+ "ID": "CVE-2005-3357",
+ "TITLE": "mod_ssl access control DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_ssl access control DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2006-3747.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2006-3747.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2006-3747.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2006-3747.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,202 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2006-07-21",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2006-07-27",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2006-07-27",
+ "lang": "eng",
+ "value": "2.2.3 released"
+ },
+ {
+ "time": "2006-07-27",
+ "lang": "eng",
+ "value": "2.0.59 released"
+ },
+ {
+ "time": "2006-07-27",
+ "lang": "eng",
+ "value": "1.3.37 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2006-07-27",
+ "ID": "CVE-2006-3747",
+ "TITLE": "mod_rewrite off-by-one error"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_rewrite off-by-one error"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2006-3918.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2006-3918.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2006-3918.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2006-3918.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,187 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "--",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2006-05-08",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2006-05-01",
+ "lang": "eng",
+ "value": "1.3.35 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2006-05-08",
+ "ID": "CVE-2006-3918",
+ "TITLE": "Expect header Cross-Site Scripting"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Expect header Cross-Site Scripting"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marked as a security issue for 2.0 or 2.2 as the cross-site scripting is only returned to the victim after the server times out a connection."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2006-5752.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2006-5752.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2006-5752.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2006-5752.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,342 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2006-10-19",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2007-06-20",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "1.3.39 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.0.61 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.2.6 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2007-06-20",
+ "ID": "CVE-2006-5752",
+ "TITLE": "mod_status cross-site scripting"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_status cross-site scripting"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.37"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-1862.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-1862.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-1862.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-1862.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,92 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-04-26",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2007-06-01",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.2.6 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2007-06-01",
+ "ID": "CVE-2007-1862",
+ "TITLE": "mod_cache information leak"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_cache information leak"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-1863.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-1863.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-1863.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-1863.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,207 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-05-02",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2007-06-18",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.0.61 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.2.6 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2007-06-18",
+ "ID": "CVE-2007-1863",
+ "TITLE": "mod_cache proxy DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_cache proxy DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-3304.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-3304.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-3304.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-3304.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,352 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2006-05-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2007-06-19",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.0.61 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.2.6 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "1.3.39 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2007-06-19",
+ "ID": "CVE-2007-3304",
+ "TITLE": "Signals to arbitrary processes"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Signals to arbitrary processes"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.37"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-3847.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-3847.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-3847.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-3847.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,217 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2006-12-10",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2006-12-10",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.2.6 released"
+ },
+ {
+ "time": "2007-09-07",
+ "lang": "eng",
+ "value": "2.0.61 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2006-12-10",
+ "ID": "CVE-2007-3847",
+ "TITLE": "mod_proxy crash"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy crash"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file