CVE-2004-0492

Current Description

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Basic Data

Published: August 06, 2004
Last Modified: October 11, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 10.0
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 10.0
Obtain All Privilege: true
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe Version | Part | Vendor | Product | Version
    (Update, Edition, Language, SW Edition, Target SW, Target HW and Other are "*" for every row; Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty.)
    2.3 | Application | Apache | Http Server | 1.3.26
    2.3 | Application | Apache | Http Server | 1.3.27
    2.3 | Application | Apache | Http Server | 1.3.28
    2.3 | Application | Apache | Http Server | 1.3.29
    2.3 | Application | Apache | Http Server | 1.3.31
    2.3 | Application | Hp | Virtualvault | 11.0.4
    2.3 | Application | Hp | Webproxy | 2.0
    2.3 | Application | Hp | Webproxy | 2.1
    2.3 | Application | Ibm | Http Server | 1.3.26
    2.3 | Application | Ibm | Http Server | 1.3.26.1
    2.3 | Application | Ibm | Http Server | 1.3.26.2
    2.3 | Application | Ibm | Http Server | 1.3.28
    2.3 | Application | Sgi | Propack | 2.4
  • OR - Configuration 2
    Cpe Version | Part | Vendor | Product | Version
    (Update, Edition, Language, SW Edition, Target SW, Target HW and Other are "*" for every row; Version Start Including, Version End Including, Version Start Excluding and Version End Excluding are empty.)
    2.3 | OS | Hp | Vvos | 11.04
    2.3 | OS | Openbsd | Openbsd | *
    2.3 | OS | Openbsd | Openbsd | 3.4
    2.3 | OS | Openbsd | Openbsd | 3.5

Vulnerable Software List

Vendor | Product | Versions
Openbsd | Openbsd | *, 3.4, 3.5
Apache | Http Server | 1.3.26, 1.3.27, 1.3.28, 1.3.29, 1.3.31
Sgi | Propack | 2.4
Hp | Webproxy | 2.0, 2.1
Hp | Virtualvault | 11.0.4
Hp | Vvos | 11.04
Ibm | Http Server | 1.3.26, 1.3.26.1, 1.3.26.2, 1.3.28

References

Name | URL | Source | Tags
20040605-01-U | ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc | SGI |
20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) | http://marc.info/?l=bugtraq&m=108711172710140&w=2 | BUGTRAQ |
SSRT090208 | http://marc.info/?l=bugtraq&m=130497311408250&w=2 | HP |
RHSA-2004:245 | http://rhn.redhat.com/errata/RHSA-2004-245.html | REDHAT | Patch, Vendor Advisory
20040610 Buffer overflow in apache mod_proxy, yet still apache much better than windows | http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html | FULLDISC |
11841 | http://secunia.com/advisories/11841 | SECUNIA |
101555 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 | SUNALERT |
101841 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 | SUNALERT |
57628 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 | SUNALERT |
DSA-525 | http://www.debian.org/security/2004/dsa-525 | DEBIAN | Patch, Vendor Advisory
http://www.guninski.com/modproxy1.html | http://www.guninski.com/modproxy1.html | MISC |
VU#541310 | http://www.kb.cert.org/vuls/id/541310 | CERT-VN | US Government Resource
MDKSA-2004:065 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:065 | MANDRAKE |
FLSA:1737 | https://bugzilla.fedora.us/show_bug.cgi?id=1737 | FEDORA |
apache-modproxy-contentlength-bo(16387) | https://exchange.xforce.ibmcloud.com/vulnerabilities/16387 | XF |
oval:org.mitre.oval:def:100112 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112 | OVAL |
oval:org.mitre.oval:def:4863 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863 | OVAL |