You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bu...@apache.org on 2021/03/30 10:14:14 UTC
svn commit: r1073139 [2/13] - in /websites/staging/httpd/trunk/content: ./
security/json/
Added: websites/staging/httpd/trunk/content/security/json/CVE-2002-1592.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2002-1592.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2002-1592.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,87 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2002-04-22",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2002-05-08",
+ "lang": "eng",
+ "value": "2.0.36 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2002-04-22",
+ "ID": "CVE-2002-1592",
+ "TITLE": "Warning messages could be displayed to users"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Warning messages could be displayed to users"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "In some cases warning messages could get returned to end users in addition to being recorded in the error log. This could reveal the path to a CGI script for example, a minor security exposure."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2002-1593.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2002-1593.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2002-1593.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,107 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2002-09-19",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2002-09-24",
+ "lang": "eng",
+ "value": "2.0.42 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2002-09-19",
+ "ID": "CVE-2002-1593",
+ "TITLE": "mod_dav crash"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_dav crash"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in handling of versioning hooks in mod_dav. An attacker could send a carefully crafted request in such a way to cause the child process handling the connection to crash. This issue will only result in a denial of service where a threaded process model is in use."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0016.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0016.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0016.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,122 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2002-12-04",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-01-20",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-01-20",
+ "lang": "eng",
+ "value": "2.0.44 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-01-20",
+ "ID": "CVE-2003-0016",
+ "TITLE": "MS-DOS device name filtering"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "MS-DOS device name filtering"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "On Windows platforms Apache did not correctly filter MS-DOS device names which could lead to denial of service attacks or remote code execution."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "critical"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0017.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0017.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0017.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,122 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2002-11-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-01-20",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-01-20",
+ "lang": "eng",
+ "value": "2.0.44 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-01-20",
+ "ID": "CVE-2003-0017",
+ "TITLE": "Apache can serve unexpected files"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Apache can serve unexpected files"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "On Windows platforms Apache could be forced to serve unexpected files by appending illegal characters such as '<' to the request URL"
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0020.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0020.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0020.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,247 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-02-24",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-02-24",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-05-12",
+ "lang": "eng",
+ "value": "1.3.31 released"
+ },
+ {
+ "time": "2004-03-19",
+ "lang": "eng",
+ "value": "2.0.49 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-02-24",
+ "ID": "CVE-2003-0020",
+ "TITLE": "Error log escape filtering"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Error log escape filtering"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0083.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0083.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0083.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,212 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-02-24",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-02-24",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-04-02",
+ "lang": "eng",
+ "value": "2.0.46 released"
+ },
+ {
+ "time": "2002-06-18",
+ "lang": "eng",
+ "value": "1.3.26 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-02-24",
+ "ID": "CVE-2003-0083",
+ "TITLE": "Filtered escape sequences"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Filtered escape sequences"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0132.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0132.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0132.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,122 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2004-04-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-04-02",
+ "lang": "eng",
+ "value": "2.0.45 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2004-04-02",
+ "ID": "CVE-2003-0132",
+ "TITLE": "Line feed memory leak DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Line feed memory leak DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache 2.0 versions before Apache 2.0.45 had a significant Denial of Service vulnerability. Remote attackers could cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0134.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0134.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0134.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,127 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-03-31",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-05-28",
+ "lang": "eng",
+ "value": "2.0.46 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-03-31",
+ "ID": "CVE-2003-0134",
+ "TITLE": "OS2 device name DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "OS2 device name DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache on OS2 up to and including Apache 2.0.45 have a Denial of Service vulnerability caused by device names."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0189.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0189.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0189.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,112 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-04-25",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-05-28",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-05-28",
+ "lang": "eng",
+ "value": "2.0.46 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-05-28",
+ "ID": "CVE-2003-0189",
+ "TITLE": "Basic Authentication DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Basic Authentication DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A build system problem in Apache 2.0.40 through 2.0.45 allows remote attackers to cause a denial of access to authenticated content when a threaded server is used."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0192.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0192.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0192.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-04-30",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "2.0.47 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-07-09",
+ "ID": "CVE-2003-0192",
+ "TITLE": "mod_ssl renegotiation issue"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_ssl renegotiation issue"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A bug in the optional renegotiation code in mod_ssl included with Apache httpd can cause cipher suite restrictions to be ignored. This is triggered if optional renegotiation is used (SSLOptions +OptRenegotiate) along with verification of client certificates and a change to the cipher suite over the renegotiation."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0245.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0245.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0245.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,122 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-04-09",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-05-28",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-05-28",
+ "lang": "eng",
+ "value": "2.0.46 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-05-28",
+ "ID": "CVE-2003-0245",
+ "TITLE": "APR remote crash"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "APR remote crash"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "critical"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0253.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0253.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0253.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-06-25",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "2.0.47 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-07-09",
+ "ID": "CVE-2003-0253",
+ "TITLE": "Remote DoS with multiple Listen directives"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Remote DoS with multiple Listen directives"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "In a server with multiple listening sockets a certain error returned by accept() on a rarely access port can cause a temporary denial of service, due to a bug in the prefork MPM."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0254.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0254.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0254.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-06-25",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-07-09",
+ "lang": "eng",
+ "value": "2.0.47 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-07-09",
+ "ID": "CVE-2003-0254",
+ "TITLE": "Remote DoS via IPv6 ftp proxy"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Remote DoS via IPv6 ftp proxy"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "When a client requests that proxy ftp connect to a ftp server with IPv6 address, and the proxy is unable to create an IPv6 socket, an infinite loop occurs causing a remote Denial of Service."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0460.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0460.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0460.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,172 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-07-04",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-07-18",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-07-18",
+ "lang": "eng",
+ "value": "1.3.28 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-07-18",
+ "ID": "CVE-2003-0460",
+ "TITLE": "RotateLogs DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "RotateLogs DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The rotatelogs support program on Win32 and OS/2 would quit logging and exit if it received special control characters such as 0x1A."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0542.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0542.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0542.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,237 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-08-04",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-10-27",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-10-27",
+ "lang": "eng",
+ "value": "1.3.29 released"
+ },
+ {
+ "time": "2003-10-27",
+ "lang": "eng",
+ "value": "2.0.48 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-10-27",
+ "ID": "CVE-2003-0542",
+ "TITLE": "Local configuration regular expression overflow"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Local configuration regular expression overflow"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "By using a regular expression with more than 9 captures a buffer overflow can occur in mod_alias or mod_rewrite. To exploit this an attacker would need to be able to create a carefully crafted configuration file (.htaccess or httpd.conf)"
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0789.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0789.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0789.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,142 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-10-03",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-10-27",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2003-10-27",
+ "lang": "eng",
+ "value": "2.0.48 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-10-27",
+ "ID": "CVE-2003-0789",
+ "TITLE": "CGI output information leak"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CGI output information leak"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A bug in mod_cgid mishandling of CGI redirect paths can result in CGI output going to the wrong client when a threaded MPM is used."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0987.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0987.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0987.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,182 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-12-18",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-12-18",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-05-12",
+ "lang": "eng",
+ "value": "1.3.31 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-12-18",
+ "ID": "CVE-2003-0987",
+ "TITLE": "mod_digest nonce checking"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_digest nonce checking"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "mod_digest does not properly verify the nonce of a client response by using a AuthNonce secret. This could allow a malicious user who is able to sniff network traffic to conduct a replay attack against a website using Digest protection. Note that mod_digest implements an older version of the MD5 Digest Authentication specification which is known not to work with modern browsers. This issue does not affect mod_auth_digest."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2003-0993.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2003-0993.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2003-0993.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,182 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2003-10-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2003-10-15",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-05-12",
+ "lang": "eng",
+ "value": "1.3.31 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2003-10-15",
+ "ID": "CVE-2003-0993",
+ "TITLE": "Allow/Deny parsing on big-endian 64-bit platforms"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Allow/Deny parsing on big-endian 64-bit platforms"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A bug in the parsing of Allow/Deny rules using IP addresses without a netmask on big-endian 64-bit platforms causes the rules to fail to match."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: websites/staging/httpd/trunk/content/security/json/CVE-2004-0113.json
==============================================================================
--- websites/staging/httpd/trunk/content/security/json/CVE-2004-0113.json (added)
+++ websites/staging/httpd/trunk/content/security/json/CVE-2004-0113.json Tue Mar 30 10:14:12 2021
@@ -0,0 +1,147 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2004-02-20",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2004-02-20",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-03-19",
+ "lang": "eng",
+ "value": "2.0.49 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2004-02-20",
+ "ID": "CVE-2004-0113",
+ "TITLE": "mod_ssl memory leak"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_ssl memory leak"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server by sending plain HTTP requests to the SSL port."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file