Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
httpdApache Team FoundationHTTPD:18EAF7F92541BF62857123A840724D27
HistoryAug 04, 2003 - 12:00 a.m.

Apache Httpd < 1.3.29 : Local configuration regular expression overflow

2003-08-0400:00:00
Apache Team Foundation
httpd.apache.org
9

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.9%

JSON

By using a regular expression with more than 9 captures a buffer overflow can occur in mod_alias or mod_rewrite. To exploit this an attacker would need to be able to create a carefully crafted configuration file (.htaccess or httpd.conf)

Related

f5 2
openvas 8
slackware 1
httpd 1
nessus 13
gentoo 2
cve 1
nvd 1
redhat 2
securityvulns 2
cvelist 1
debiancve 1
cert 2
f5
f5
SOL3144 - Apache mod_alias buffer overflow vulnerability - CAN-2003-0542
2007-05-16 00:00:00
K3144 : Apache mod_alias buffer overflow vulnerability CAN-2003-0542
2013-03-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200310-03 (Apache)
2008-09-24 00:00:00
Slackware Advisory SSA:2003-308-01 apache security update
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2003-308-01)
2012-09-10 00:00:00
slackware
slackware
apache security update
2003-11-04 16:48:11
httpd
httpd
Apache Httpd < 2.0.48 : Local configuration regular expression overflow
2003-08-04 00:00:00
nessus
nessus
Fedora Core 1 : httpd-2.0.48-1.2 (2003-004)
2004-07-23 00:00:00
Slackware 8.1 / 9.0 / 9.1 / current : apache security update (SSA:2003-308-01)
2005-07-13 00:00:00
Apache < 1.3.29 Multiple Modules Local Overflow
2003-11-01 00:00:00
gentoo
gentoo
Apache: multiple buffer overflows
2003-10-28 00:00:00
Apache: buffer overflows and a possible information disclosure
2003-10-31 00:00:00
cve
cve
CVE-2003-0542
2003-11-03 05:00:00
nvd
nvd
CVE-2003-0542
2003-11-03 05:00:00
redhat
redhat
(RHSA-2004:015) httpd security update
2004-01-13 00:00:00
(RHSA-2003:360) apache security update
2003-12-10 00:00:00
securityvulns
securityvulns
NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+
2005-02-17 00:00:00
[RHSA-2003:320-01] Updated httpd packages fix Apache security vulnerabilities
2003-12-17 00:00:00
cvelist
cvelist
CVE-2003-0542
2003-10-30 05:00:00
debiancve
debiancve
CVE-2003-0542
2003-11-03 05:00:00
cert
cert
Apache mod_alias vulnerable to buffer overflow via crafted regular expression
2004-02-03 00:00:00
Apache mod_rewrite vulnerable to buffer overflow via crafted regular expression
2004-02-03 00:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.9%

JSON
Related for HTTPD:18EAF7F92541BF62857123A840724D27
f52openvas8slackware1httpd1nessus13gentoo2cve1nvd1redhat2securityvulns2cvelist1debiancve1cert2