Lucene search

K

[email protected]CVE-2004-0492

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0492

2004-08-0604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

270

apache

mod_proxy

buffer overflow

cve-2004-0492

denial of service

remote code execution

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

CPENameOperatorVersion
hp:webproxyhp webproxyeq2.0
hp:virtualvaulthp virtualvaulteq11.0.4
apache:http_serverapache http servereq1.3.27
ibm:http_serveribm http servereq1.3.28
apache:http_serverapache http servereq1.3.28
apache:http_serverapache http servereq1.3.31
hp:webproxyhp webproxyeq2.1
ibm:http_serveribm http servereq1.3.26.1
apache:http_serverapache http servereq1.3.26
apache:http_serverapache http servereq1.3.29

Rows per page:

1-10 of 171

References

ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc

marc.info/?l=bugtraq&m=108711172710140&w=2

marc.info/?l=bugtraq&m=130497311408250&w=2

rhn.redhat.com/errata/RHSA-2004-245.html

seclists.org/lists/fulldisclosure/2004/Jun/0296.html

secunia.com/advisories/11841

sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1

sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1

sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1

www.debian.org/security/2004/dsa-525

www.guninski.com/modproxy1.html

www.kb.cert.org/vuls/id/541310

www.mandriva.com/security/advisories?name=MDKSA-2004:065

bugzilla.fedora.us/show_bug.cgi?id=1737

exchange.xforce.ibmcloud.com/vulnerabilities/16387

lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E

lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

Related for CVE-2004-0492

openvas20 nessus14 gentoo1 ubuntucve1 httpd1 securityvulns1 f52 freebsd1 cert1 osv1 debian1 redhat1 slackware2 suse2