Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0700

Опубликовано: 27 июл. 2004
Источник: nvd
CVSS2: 7.5
EPSS Средний

Описание

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mod_ssl:mod_ssl:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.9:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.10:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.12:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.14:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.15:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.16:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.17:*:*:*:*:*:*:*
cpe:2.3:a:mod_ssl:mod_ssl:2.8.18:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 96%
0.30648
Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2004-0700

ubuntu
почти 21 год назад

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

redhat логотип

CVE-2004-0700

redhat
почти 21 год назад

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

debian логотип

CVE-2004-0700

debian
почти 21 год назад

Format string vulnerability in the mod_proxy hook functions function i ...

github логотип

GHSA-mm6m-9rf6-5j2q

github
около 3 лет назад

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

EPSS

Процентиль: 96%
0.30648
Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other