Vulnerable Apache Server

Overview of security vulnerabilities in Apache httpd 1.3 (ApacheWeek and Fed Circ)

Vulnerabilities exist in the 1.3.xx versions of Apache Web Server. These vulnerabilities may effect the Unix version, the Win32 version or both. NOTE: A few operating system vendors, notably RedHat, refuse to upgrade the version number of Apache (as read from the HTTP 1.1 header) when they patch the software. This has three negative impacts: Consequently, we recommend that the upgrade be performed from the product's site (www.apache.org)

Apache httpd 1.3.24


Fixed in Apache httpd 1.3.24


Fixed in Apache httpd 1.3.22


Fixed in Apache httpd 1.3.20


Fixed in Apache httpd 1.3.19


Fixed in Apache httpd 1.3.14


Fixed in Apache httpd 1.3.12


Fixed in Apache httpd 1.3.11


Fixed in Apache httpd 1.3.4


Fixed in Apache httpd 1.3.2