CVE-2004-0940

Опубликовано: 09 фев. 2005

Источник: nvd

CVSS3: 7.8

CVSS2: 6.9

EPSS Низкий

Описание

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

Ссылки

http://marc.info/?l=bugtraq&m=109906660225051&w=2
Mailing List
Third Party Advisory
http://secunia.com/advisories/12898/
Broken Link
http://secunia.com/advisories/19073
Broken Link
http://securitytracker.com/id?1011783
Broken Link
Third Party Advisory
VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
Third Party Advisory
http://www.apacheweek.com/features/security-13
Product
http://www.debian.org/security/2004/dsa-594
Mailing List
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:134
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-600.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2005-816.html
Broken Link
http://www.securityfocus.com/bid/11471
Broken Link
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.vupen.com/english/advisories/2006/0789
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/17785
Third Party Advisory
VDB Entry
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Mailing List
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Версия от 1.3 (включая) до 1.3.32 (включая)

cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*

cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*

cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*

cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*

cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*

cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04161

Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-131

Связанные уязвимости

CVE-2004-0940

CVSS3: 7.8

ubuntu

больше 20 лет назад

CVE-2004-0940

redhat

больше 20 лет назад

CVE-2004-0940

CVSS3: 7.8

debian

больше 20 лет назад

Buffer overflow in the get_tag function in mod_include for Apache 1.3. ...

GHSA-cx2h-jfxr-vw9c

CVSS3: 7.8

github

около 3 лет назад

EPSS

Процентиль: 88%

0.04161

Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-131