Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-525
HistoryJun 24, 2004 - 12:00 a.m.

apache - buffer overflow

2004-06-2400:00:00
Google
osv.dev
13

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Georgi Guninski discovered a buffer overflow bug in Apache’s mod_proxy
module, whereby a remote user could potentially cause arbitrary code
to be executed with the privileges of an Apache httpd child process
(by default, user www-data). Note that this bug is only exploitable
if the mod_proxy module is in use.

Note that this bug exists in a module in the apache-common package,
shared by apache, apache-ssl and apache-perl, so this update is
sufficient to correct the bug for all three builds of Apache httpd.
However, on systems using apache-ssl or apache-perl, httpd will not
automatically be restarted.

For the current stable distribution (woody), this problem has been
fixed in version 1.3.26-0woody5.

For the unstable distribution (sid), this problem has been fixed in
version 1.3.31-2.

We recommend that you update your apache package.

Related

ubuntucve 1
nessus 14
openvas 20
cve 1
httpd 1
gentoo 1
debian 1
f5 2
cvelist 1
securityvulns 1
freebsd 1
cert 1
slackware 2
redhat 1
suse 2
ubuntucve
ubuntucve
CVE-2004-0492
2004-08-06 00:00:00
nessus
nessus
Apache mod_proxy Content-Length Overflow
2004-10-25 00:00:00
FreeBSD : apache -- heap overflow in mod_proxy (10)
2004-09-28 00:00:00
Debian DSA-525-1 : apache - buffer overflow
2004-09-29 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200406-16 (Apache)
2008-09-24 00:00:00
FreeBSD Ports: apache
2008-09-04 00:00:00
Apache mod_proxy content-length buffer overflow
2005-11-03 00:00:00
cve
cve
CVE-2004-0492
2004-08-06 04:00:00
httpd
httpd
Apache Httpd < 1.3.32 : mod_proxy buffer overflow
2003-06-08 00:00:00
gentoo
gentoo
Apache 1.3: Buffer overflow in mod_proxy
2004-06-21 00:00:00
debian
debian
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-25 00:00:00
f5
f5
SOL3279 - Heap-based buffer overflow in mod_proxy - CAN-2004-0492
2007-05-16 00:00:00
K3279 : Heap-based buffer overflow in mod_proxy - CAN-2004-0492
2013-03-29 00:00:00
cvelist
cvelist
CVE-2004-0492
2004-06-23 04:00:00
securityvulns
securityvulns
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-26 00:00:00
freebsd
freebsd
apache -- heap overflow in mod_proxy
2004-06-10 00:00:00
cert
cert
Apache HTTP Server contains a buffer overflow in the mod_proxy module
2004-10-19 00:00:00
slackware
slackware
[slackware-security] apache+mod_ssl
2004-11-01 08:00:31
[slackware-security] apache, mod_ssl, php
2004-10-26 00:40:01
redhat
redhat
(RHSA-2004:245) apache, mod_ssl security update
2004-06-14 00:00:00
suse
suse
remote system compromise in xshared, XFree86-libs, xorg-x11-libs
2004-11-17 16:17:43
potential remote buffer overflow in samba
2004-11-15 22:07:05

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-525
ubuntucve1nessus14openvas20cve1httpd1gentoo1debian1f52cvelist1securityvulns1freebsd1cert1slackware2redhat1suse2