Lucene search

K
ubuntucveUbuntu.comUB:CVE-2004-0940
HistoryFeb 09, 2005 - 12:00 a.m.

CVE-2004-0940

2005-02-0900:00:00
ubuntu.com
ubuntu.com
11

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

47.1%

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to
1.3.32 allows local users who can create SSI documents to execute arbitrary
code as the apache user via SSI (XSSI) documents that trigger a length
calculation error.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchapache< 1.3.34-2ubuntu0.1UNKNOWN
ubuntu6.10noarchapache< 1.3.34-4ubuntu1UNKNOWN
ubuntu7.04noarchapache< 1.3.34-4ubuntu1UNKNOWN

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

47.1%