Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD762D1C6D-0722-11D9-B45D-000C41E2CDAD
HistorySep 15, 2004 - 12:00 a.m.

apache -- apr_uri_parse IPv6 address handling vulnerability

2004-09-1500:00:00
vuxml.freebsd.org
18

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.089 Low

EPSS

Percentile

94.5%

JSON

The Apache Software Foundation Security Team discovered a
programming error in the apr-util library function apr_uri_parse.
When parsing IPv6 literal addresses, it is possible that a
length is incorrectly calculated to be negative, and this
value is passed to memcpy. This may result in an exploitable
vulnerability on some platforms, including FreeBSD.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchapache= 2.0UNKNOWN
FreeBSDanynoarchapache< 2.0.50_3UNKNOWN

Related

nessus 11
openvas 6
checkpoint_advisories 1
ubuntucve 1
cve 1
httpd 1
debiancve 1
securityvulns 2
redhat 1
gentoo 1
suse 1
nessus
nessus
FreeBSD : apache -- apr_uri_parse IPv6 address handling vulnerability (762d1c6d-0722-11d9-b45d-000c41e2cdad)
2009-04-23 00:00:00
Fedora Core 1 : apr-util-0.9.4-2.1 (2004-307)
2004-09-17 00:00:00
Fedora Core 2 : apr-util-0.9.4-14.2 (2004-308)
2004-09-17 00:00:00
openvas
openvas
FreeBSD Ports: apache
2008-09-04 00:00:00
FreeBSD Ports: apache
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200409-21 (apache)
2008-09-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache apr-util IPv6 URI Parsing (CVE-2004-0786)
2009-10-08 00:00:00
ubuntucve
ubuntucve
CVE-2004-0786
2004-10-20 00:00:00
cve
cve
CVE-2004-0786
2004-10-20 04:00:00
httpd
httpd
Apache Httpd < 2.0.51 : IPv6 URI parsing heap overflow
2004-08-25 00:00:00
debiancve
debiancve
CVE-2004-0786
2004-10-20 04:00:00
securityvulns
securityvulns
MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities
2004-09-16 00:00:00
[ANNOUNCE] Apache HTTP Server 2.0.51 Released
2004-09-16 00:00:00
redhat
redhat
(RHSA-2004:463) httpd security update
2004-09-15 00:00:00
gentoo
gentoo
Apache 2, mod_dav: Multiple vulnerabilities
2004-09-16 00:00:00
suse
suse
remote denial-of-service in apache2
2004-09-15 15:46:39

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.089 Low

EPSS

Percentile

94.5%

JSON
Related for 762D1C6D-0722-11D9-B45D-000C41E2CDAD
nessus11openvas6checkpoint_advisories1ubuntucve1cve1httpd1debiancve1securityvulns2redhat1gentoo1suse1