CVE-2004-0488

Current Description

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

Basic Data

PublishedJuly 07, 2004
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegetrue

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationApacheHttp Server1.3*******
    2.3ApplicationApacheHttp Server1.3.1*******
    2.3ApplicationApacheHttp Server1.3.3*******
    2.3ApplicationApacheHttp Server1.3.4*******
    2.3ApplicationApacheHttp Server1.3.6*******
    2.3ApplicationApacheHttp Server1.3.7*dev*****
    2.3ApplicationApacheHttp Server1.3.9*******
    2.3ApplicationApacheHttp Server1.3.11*******
    2.3ApplicationApacheHttp Server1.3.12*******
    2.3ApplicationApacheHttp Server1.3.14*******
    2.3ApplicationApacheHttp Server1.3.17*******
    2.3ApplicationApacheHttp Server1.3.18*******
    2.3ApplicationApacheHttp Server1.3.19*******
    2.3ApplicationApacheHttp Server1.3.20*******
    2.3ApplicationApacheHttp Server1.3.22*******
    2.3ApplicationApacheHttp Server1.3.23*******
    2.3ApplicationApacheHttp Server1.3.24*******
    2.3ApplicationApacheHttp Server1.3.25*******
    2.3ApplicationApacheHttp Server1.3.26*******
    2.3ApplicationApacheHttp Server1.3.27*******
    2.3ApplicationApacheHttp Server1.3.28*******
    2.3ApplicationApacheHttp Server1.3.29*******
    2.3ApplicationApacheHttp Server1.3.31*******
    2.3ApplicationApacheHttp Server2.0*******
    2.3ApplicationApacheHttp Server2.0.9*******
    2.3ApplicationApacheHttp Server2.0.28*******
    2.3ApplicationApacheHttp Server2.0.28beta******
    2.3ApplicationApacheHttp Server2.0.32*******
    2.3ApplicationApacheHttp Server2.0.35*******
    2.3ApplicationApacheHttp Server2.0.36*******
    2.3ApplicationApacheHttp Server2.0.37*******
    2.3ApplicationApacheHttp Server2.0.38*******
    2.3ApplicationApacheHttp Server2.0.39*******
    2.3ApplicationApacheHttp Server2.0.40*******
    2.3ApplicationApacheHttp Server2.0.41*******
    2.3ApplicationApacheHttp Server2.0.42*******
    2.3ApplicationApacheHttp Server2.0.43*******
    2.3ApplicationApacheHttp Server2.0.44*******
    2.3ApplicationApacheHttp Server2.0.45*******
    2.3ApplicationApacheHttp Server2.0.46*******
    2.3ApplicationApacheHttp Server2.0.47*******
    2.3ApplicationApacheHttp Server2.0.48*******
    2.3ApplicationApacheHttp Server2.0.49*******
    2.3ApplicationMandrakesoftMandrake Multi Network Firewall8.2*******
    2.3ApplicationMod SslMod Ssl2.8.7*******
    2.3ApplicationMod SslMod Ssl2.8.10*******
    2.3ApplicationMod SslMod Ssl2.8.12*******
    2.3ApplicationMod SslMod Ssl2.8.15*******
    2.3ApplicationMod SslMod Ssl2.8.16*******
    2.3ApplicationSgiPropack2.4*******
    2.3ApplicationTinysofaTinysofa Enterprise Server1.0*******
    2.3ApplicationTinysofaTinysofa Enterprise Server1.0_u1*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSGentooLinux1.4*******
    2.3OSMandrakesoftMandrake Linux9.1*******
    2.3OSMandrakesoftMandrake Linux9.1*ppc*****
    2.3OSMandrakesoftMandrake Linux9.2*******
    2.3OSMandrakesoftMandrake Linux9.2*amd64*****
    2.3OSMandrakesoftMandrake Linux10.0*******
    2.3OSMandrakesoftMandrake Linux10.0*amd64*****
    2.3OSMandrakesoftMandrake Linux Corporate Server2.1*******
    2.3OSMandrakesoftMandrake Linux Corporate Server2.1*x86_64*****
    2.3OSOpenbsdOpenbsd3.4*******
    2.3OSOpenbsdOpenbsd3.5*******
    2.3OSOpenbsdOpenbsdcurrent*******
    2.3OSTrustixSecure Linux1.5*******
    2.3OSTrustixSecure Linux2.0*******
    2.3OSTrustixSecure Linux2.1*******

Vulnerable Software List

VendorProductVersions
Tinysofa Tinysofa Enterprise Server 1.0, 1.0_u1
Mod Ssl Mod Ssl 2.8.10, 2.8.12, 2.8.15, 2.8.16, 2.8.7
Openbsd Openbsd 3.4, 3.5, current
Apache Http Server 1.3, 1.3.1, 1.3.11, 1.3.12, 1.3.14, 1.3.17, 1.3.18, 1.3.19, 1.3.20, 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27, 1.3.28, 1.3.29, 1.3.3, 1.3.31, 1.3.4, 1.3.6, 1.3.7, 1.3.9, 2.0, 2.0.28, 2.0.32, 2.0.35, 2.0.36, 2.0.37, 2.0.38, 2.0.39, 2.0.40, 2.0.41, 2.0.42, 2.0.43, 2.0.44, 2.0.45, 2.0.46, 2.0.47, 2.0.48, 2.0.49, 2.0.9
Mandrakesoft Mandrake Multi Network Firewall 8.2
Mandrakesoft Mandrake Linux 10.0, 9.1, 9.2
Mandrakesoft Mandrake Linux Corporate Server 2.1
Sgi Propack 2.4
Trustix Secure Linux 1.5, 2.0, 2.1
Gentoo Linux 1.4

References

NameSourceURLTags
20040605-01-Uftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.ascSGI
20040517 mod_ssl ssl_util_uuencode_binary potential problemhttp://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.htmlFULLDISC
20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)http://marc.info/?l=bugtraq&m=108567431823750&w=2BUGTRAQ
20040601 TSSA-2004-008 - apachehttp://marc.info/?l=bugtraq&m=108619129727620&w=2BUGTRAQ
SSRT4777http://marc.info/?l=bugtraq&m=109181600614477&w=2HP
SSRT4788http://marc.info/?l=bugtraq&m=109215056218824&w=2HP
RHSA-2004:245http://rhn.redhat.com/errata/RHSA-2004-245.htmlREDHAT
GLSA-200406-05http://security.gentoo.org/glsa/glsa-200406-05.xmlGENTOO
DSA-532http://www.debian.org/security/2004/dsa-532DEBIAN
MDKSA-2004:054http://www.mandriva.com/security/advisories?name=MDKSA-2004:054MANDRAKE
MDKSA-2004:055http://www.mandriva.com/security/advisories?name=MDKSA-2004:055MANDRAKE
RHSA-2004:342http://www.redhat.com/support/errata/RHSA-2004-342.htmlREDHAT
RHSA-2004:405http://www.redhat.com/support/errata/RHSA-2004-405.htmlREDHAT
RHSA-2005:816http://www.redhat.com/support/errata/RHSA-2005-816.htmlREDHAT
10355http://www.securityfocus.com/bid/10355BIDPATCH Vendor Advisory
2004-0031http://www.trustix.net/errata/2004/0031/TRUSTIX
FLSA:1888https://bugzilla.fedora.us/show_bug.cgi?id=1888FEDORA
apache-modssl-uuencode-bo(16214)https://exchange.xforce.ibmcloud.com/vulnerabilities/16214XF
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.htmlhttps://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3CcvsMLIST
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.htmlhttps://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3CcvsMLIST
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.htmlhttps://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3CcvMLIST
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.htmlhttps://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3CcvMLIST
oval:org.mitre.oval:def:11458https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458OVAL