History: Oct 23, 2006 - 5:00 p.m.

CVE-2003-1307

2006-10-23 17:00:00
mitre
web.nvd.nist.gov
cve-2003-1307
apache http server
mod_php
local users
signals
intercept connections
vulnerability
nvd

CVSS2: 4.3
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P

AI Score: 6.4
Confidence: High

EPSS: 0.001
Percentile: 33.0%

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server’s process group and use the server’s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server’s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them … Not a bug in PHP."

Affected configurations

Nvd
Node
apache http_server Match 2.0
OR
apache http_server Match 2.0.9
OR
apache http_server Match 2.0.28
OR
apache http_server Match 2.0.28 beta
OR
apache http_server Match 2.0.28 beta win32
OR
apache http_server Match 2.0.32
OR
apache http_server Match 2.0.32 beta win32
OR
apache http_server Match 2.0.34 beta win32
OR
apache http_server Match 2.0.35
OR
apache http_server Match 2.0.36
OR
apache http_server Match 2.0.37
OR
apache http_server Match 2.0.38
OR
apache http_server Match 2.0.39
OR
apache http_server Match 2.0.40
OR
apache http_server Match 2.0.41
OR
apache http_server Match 2.0.42
OR
apache http_server Match 2.0.43
OR
apache http_server Match 2.0.44
OR
apache http_server Match 2.0.45
OR
apache http_server Match 2.0.46
OR
apache http_server Match 2.0.46 win32
OR
apache http_server Match 2.0.47
OR
apache http_server Match 2.0.48

| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | http_server | 2.0 | cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:* |
| apache | http_server | 2.0.9 | cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:* |
| apache | http_server | 2.0.28 | cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:* |
| apache | http_server | 2.0.28 | cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:* |
| apache | http_server | 2.0.28 | cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:* |
| apache | http_server | 2.0.32 | cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:* |
| apache | http_server | 2.0.32 | cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:* |
| apache | http_server | 2.0.34 | cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:* |
| apache | http_server | 2.0.35 | cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:* |
| apache | http_server | 2.0.36 | cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:* |

Showing rows 1-10 of 231.
