Lucene search

[email protected]CVE-2003-0192

HistoryAug 18, 2003 - 4:00 a.m.

CVE-2003-0192

2003-08-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0192

apache

mod_ssl

sslciphersuite

vulnerability

nvd

6.3 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle “certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one,” which could cause Apache to use the weak ciphersuite.

CPENameOperatorVersion
apache:http_serverapache http servereq2.0.42
apache:http_serverapache http servereq2.0.35
apache:http_serverapache http servereq2.0.37
apache:http_serverapache http servereq2.0.44
apache:http_serverapache http servereq2.0.39
apache:http_serverapache http servereq2.0.41
apache:http_serverapache http servereq2.0.32
apache:http_serverapache http servereq2.0.38
apache:http_serverapache http servereq2.0.45
apache:http_serverapache http servereq2.0.40

CPE	Name	Operator	Version
apache:http_server	apache http server	eq	2.0.42
apache:http_server	apache http server	eq	2.0.35
apache:http_server	apache http server	eq	2.0.37
apache:http_server	apache http server	eq	2.0.44
apache:http_server	apache http server	eq	2.0.39
apache:http_server	apache http server	eq	2.0.41
apache:http_server	apache http server	eq	2.0.32
apache:http_server	apache http server	eq	2.0.38
apache:http_server	apache http server	eq	2.0.45
apache:http_server	apache http server	eq	2.0.40

Rows per page:

1-10 of 151

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt

marc.info/?l=bugtraq&m=105776593602600&w=2

www.mandriva.com/security/advisories?name=MDKSA-2003:075

www.redhat.com/support/errata/RHSA-2003-240.html

www.redhat.com/support/errata/RHSA-2003-243.html

www.redhat.com/support/errata/RHSA-2003-244.html

lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A169

6.3 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2003-0192

httpd1 debiancve1 redhat1 nessus4 securityvulns2