K000138508: mod_ssl vulnerability CVE-2004-0700

Security Advisory Description Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are...

FreeBSD Ports: apache+mod_ssl

The remote host is missing an update to the system as announced in the referenced advisory. VID 18974c8a-1fbd-11d9-814e-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: apache+mod_ssl

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Debian Security Advisory DSA 532-1 (libapache-mod-ssl)

The remote host is missing an update to libapache-mod-ssl announced via advisory DSA 532-1. OpenVAS Vulnerability Test $Id: deb5321.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 532-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

RHEL 2.1 : mod_ssl (RHSA-2004:408)

An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...

Mandrake Linux Security Advisory : mod_ssl (MDKSA-2004:075)

Ralf S. Engelschall found a remaining risky call to ssllog while reviewing code for another issue reported by Virulent. The updated packages are patched to correct the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

CVE-2004-0700

Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssllog function...

CVE-2004-0700

Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssllog function...

CVE-2004-0700

CVE-2004-0700 describes a format-string vulnerability in the mod_ssl component (ssl_engine_log.c) of Apache’s mod_ssl. Affects Apache before 1.3.31 with mod_ssl up to version 2.8.19; remote attackers could use format specifiers in HTTPS log messages processed by ssl_log to potentially execute arb...

CVE-2004-0700

Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssllog function...

Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String

The remote host is using a version vulnerable of modssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host. Some vendors patched older versions of modssl, so this might b...