None

29 Dec 2021


      documented for Apache (without additional plugins):
* 2001-07-10: Apache Possible Directory Index Disclosure Vulnerability
* 2001-06-10: MacOS X Client Apache File Protection Bypass Vulnerability
* 2001-04-12: Apache Web Server HTTP Request Denial of Service Vulnerability
* 2001-03-13: Apache Artificially Long Slash Path Directory Listing
Vulnerability
* 2000-12-06: Apache Web Server with Php 3 File Disclosure Vulnerability
* 2000-09-29: Apache Rewrite Module Arbitrary File Disclosure Vulnerability
* 2000-09-07: SuSE Apache WebDAV Directory Listings Vulnerability
* 2000-05-31: Apache HTTP Server (win32) Root Directory Access Vulnerability
* 1999-09-25: NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
* 1998-09-03: Multiple Vendor MIME Header DoS Vulnerability
* 1998-01-06: Apache Web Server DoS Vulnerability
* 1997-01-12: Apache mod_cookies Buffer Overflow Vulnerability
* 1996-12-10: Multiple Vendor nph-test-cgi Vulnerability
* 1996-04-01: Multiple Vendor test-cgi Directory Listing Vulnerability
* 1996-03-20: phf Remote Command Execution Vulnerability
However, due to Apache's extensible nature (like IIS), I expect the actual
number is much higher.  For example, AKAIK the Code Red Worm attacked a DLL
running one of the additional IIS services, not the IIS core directly.
Ashley

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

None