Lucene search

[email protected]CVE-2003-0993

HistoryMar 29, 2004 - 5:00 a.m.

CVE-2003-0993

2004-03-2905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0993

apache

mod_access

access restrictions

ip addresses

netmask

nvd

6.3 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON

mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.

CPENameOperatorVersion
apache:http_serverapache http servereq1.3.23
apache:http_serverapache http servereq1.3.27
apache:http_serverapache http servereq1.3.1
apache:http_serverapache http servereq1.3.25
apache:http_serverapache http servereq1.3.28
apache:http_serverapache http servereq1.3.19
apache:http_serverapache http servereq1.3.24
apache:http_serverapache http servereq1.3.20
apache:http_serverapache http servereq1.3.7
apache:http_serverapache http servereq1.3.6

CPE	Name	Operator	Version
apache:http_server	apache http server	eq	1.3.23
apache:http_server	apache http server	eq	1.3.27
apache:http_server	apache http server	eq	1.3.1
apache:http_server	apache http server	eq	1.3.25
apache:http_server	apache http server	eq	1.3.28
apache:http_server	apache http server	eq	1.3.19
apache:http_server	apache http server	eq	1.3.24
apache:http_server	apache http server	eq	1.3.20
apache:http_server	apache http server	eq	1.3.7
apache:http_server	apache http server	eq	1.3.6

Rows per page:

1-10 of 221

References

frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046

issues.apache.org/bugzilla/show_bug.cgi?id=23850

marc.info/?l=apache-cvs&m=107869603013722

marc.info/?l=bugtraq&m=108437852004207&w=2

security.gentoo.org/glsa/glsa-200405-22.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1

sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1

sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1

www.apacheweek.com/features/security-13

www.securityfocus.com/bid/9829

www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643

www.trustix.org/errata/2004/0027

exchange.xforce.ibmcloud.com/vulnerabilities/15422

lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100111

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4670

6.3 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON

Related for CVE-2003-0993

nessus9 openvas8 freebsd1 httpd1 ubuntucve1 cvelist1 slackware1 gentoo1 suse2