CVE-2003-0542

HIGH

Description

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt

ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc

ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc

http://docs.info.apple.com/article.html?artnum=61798

http://httpd.apache.org/dist/httpd/Announcement2.html

http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html

http://lists.apple.com/mhonarc/security-announce/msg00045.html

http://marc.info/?l=bugtraq&m=106761802305141&w=2

http://marc.info/?l=bugtraq&m=130497311408250&w=2

http://secunia.com/advisories/10096

http://secunia.com/advisories/10098

http://secunia.com/advisories/10102

http://secunia.com/advisories/10112

http://secunia.com/advisories/10114

http://secunia.com/advisories/10153

http://secunia.com/advisories/10260

http://secunia.com/advisories/10264

http://secunia.com/advisories/10463

http://secunia.com/advisories/10580

http://secunia.com/advisories/10593

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101444-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1

http://www.kb.cert.org/vuls/id/434566

http://www.kb.cert.org/vuls/id/549142

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103

http://www.redhat.com/support/errata/RHSA-2003-320.html

http://www.redhat.com/support/errata/RHSA-2003-360.html

http://www.redhat.com/support/errata/RHSA-2003-405.html

http://www.redhat.com/support/errata/RHSA-2004-015.html

http://www.redhat.com/support/errata/RHSA-2005-816.html

http://www.securityfocus.com/advisories/6079

http://www.securityfocus.com/archive/1/342674

http://www.securityfocus.com/bid/8911

http://www.securityfocus.com/bid/9504

https://exchange.xforce.ibmcloud.com/vulnerabilities/13400

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3799

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A863

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A864

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9458

Details

Source: MITRE

Published: 2003-11-03

Updated: 2021-03-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*

Tenable Plugins

View all (15 total)

IDNameProductFamilySeverity
18742Slackware 8.1 / 9.0 / 9.1 / current : apache security update (SSA:2003-308-01)NessusSlackware Local Security Checks
high
15483Solaris 8 (x86) : 116974-07NessusSolaris Local Security Checks
critical
15482Solaris 8 (sparc) : 116973-07NessusSolaris Local Security Checks
critical
2175Apache < 2.0.48 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
2174Apache < 1.3.29 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
14085Mandrake Linux Security Advisory : apache (MDKSA-2003:103)NessusMandriva Local Security Checks
critical
13593Solaris 9 (x86) : 114145-12NessusSolaris Local Security Checks
critical
13530Solaris 9 (sparc) : 113146-13NessusSolaris Local Security Checks
critical
12517Mac OS X Multiple Vulnerabilities (Security Update 2004-01-26)NessusMacOS X Local Security Checks
critical
12450RHEL 3 : httpd (RHSA-2004:015)NessusRed Hat Local Security Checks
high
12435RHEL 2.1 : apache (RHSA-2003:360)NessusRed Hat Local Security Checks
high
11915Apache < 1.3.29 Multiple Modules Local OverflowNessusWeb Servers
high
11853Apache 2.0.x < 2.0.48 Multiple Vulnerabilities (OF, Info Disc.)NessusWeb Servers
critical
800585Apache < 1.3.29 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high
800583Apache < 2.0.48 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high