Lucene search

[email protected]NVD:CVE-2004-0700

HistoryJul 27, 2004 - 4:00 a.m.

CVE-2004-0700

2004-07-2704:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.901 High

EPSS

Percentile

98.8%

JSON

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

Affected configurations

NVD

Node

mod_sslmod_sslMatch2.3.11

mod_sslmod_sslMatch2.4.0

mod_sslmod_sslMatch2.4.1

mod_sslmod_sslMatch2.4.2

mod_sslmod_sslMatch2.4.3

mod_sslmod_sslMatch2.4.4

mod_sslmod_sslMatch2.4.5

mod_sslmod_sslMatch2.4.6

mod_sslmod_sslMatch2.4.7

mod_sslmod_sslMatch2.4.8

mod_sslmod_sslMatch2.4.9

mod_sslmod_sslMatch2.4.10

mod_sslmod_sslMatch2.5.0

mod_sslmod_sslMatch2.5.1

mod_sslmod_sslMatch2.6.0

mod_sslmod_sslMatch2.6.1

mod_sslmod_sslMatch2.6.2

mod_sslmod_sslMatch2.6.3

mod_sslmod_sslMatch2.6.4

mod_sslmod_sslMatch2.6.5

mod_sslmod_sslMatch2.6.6

mod_sslmod_sslMatch2.7.0

mod_sslmod_sslMatch2.7.1

mod_sslmod_sslMatch2.8.0

mod_sslmod_sslMatch2.8.1

mod_sslmod_sslMatch2.8.1.2

mod_sslmod_sslMatch2.8.2

mod_sslmod_sslMatch2.8.3

mod_sslmod_sslMatch2.8.4

mod_sslmod_sslMatch2.8.5

mod_sslmod_sslMatch2.8.5.1

mod_sslmod_sslMatch2.8.5.2

mod_sslmod_sslMatch2.8.6

mod_sslmod_sslMatch2.8.7

mod_sslmod_sslMatch2.8.8

mod_sslmod_sslMatch2.8.9

mod_sslmod_sslMatch2.8.10

mod_sslmod_sslMatch2.8.12

mod_sslmod_sslMatch2.8.14

mod_sslmod_sslMatch2.8.15

mod_sslmod_sslMatch2.8.16

mod_sslmod_sslMatch2.8.17

mod_sslmod_sslMatch2.8.18

Node

gentoolinuxMatch1.4

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857

marc.info/?l=apache-modssl&m=109001100906749&w=2

marc.info/?l=bugtraq&m=109005001205991&w=2

packetstormsecurity.org/0407-advisories/modsslFormat.txt

virulent.siyahsapka.org/

www.debian.org/security/2004/dsa-532

www.kb.cert.org/vuls/id/303448

www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075

www.osvdb.org/7929

www.redhat.com/support/errata/RHSA-2004-405.html

www.redhat.com/support/errata/RHSA-2004-408.html

www.securityfocus.com/bid/10736

www.ubuntu.com/usn/usn-177-1

bugzilla.fedora.us/show_bug.cgi?id=1888

exchange.xforce.ibmcloud.com/vulnerabilities/16705

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.901 High

EPSS

Percentile

98.8%

JSON

Related for NVD:CVE-2004-0700

nessus8 openvas9 f53 redhat1 cvelist1 freebsd1 ubuntucve1 cve1 debian2 osv1 ubuntu1