CVE-2004-0488

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

References

http://www.securityfocus.com/bid/10355

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html

http://www.debian.org/security/2004/dsa-532

https://bugzilla.fedora.us/show_bug.cgi?id=1888

http://www.trustix.net/errata/2004/0031/

http://security.gentoo.org/glsa/glsa-200406-05.xml

http://rhn.redhat.com/errata/RHSA-2004-245.html

http://www.redhat.com/support/errata/RHSA-2004-342.html

http://www.redhat.com/support/errata/RHSA-2004-405.html

ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc

http://www.redhat.com/support/errata/RHSA-2005-816.html

http://www.mandriva.com/security/advisories?name=MDKSA-2004:054

http://www.mandriva.com/security/advisories?name=MDKSA-2004:055

http://marc.info/?l=bugtraq&m=108567431823750&w=2

http://marc.info/?l=bugtraq&m=109215056218824&w=2

http://marc.info/?l=bugtraq&m=109181600614477&w=2

http://marc.info/?l=bugtraq&m=108619129727620&w=2

https://exchange.xforce.ibmcloud.com/vulnerabilities/16214

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458

https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2004-07-07

Updated: 2021-06-06

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*

cpe:2.3:a:mod_ssl:mod_ssl:2.8.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*

cpe:2.3:a:mod_ssl:mod_ssl:2.8.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*

cpe:2.3:a:mod_ssl:mod_ssl:2.8.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*

cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0_u1:*:*:*:*:*:*:*

cpe:2.3:a:mod_ssl:mod_ssl:2.8.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*

cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*

cpe:2.3:a:mod_ssl:mod_ssl:2.8.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*

cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*

cpe:2.3:o:openbsd:openbsd:current:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*

cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*

cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*

Tenable Plugins

View all (13 total)

IDNameProductFamilySeverity
63857RHEL 3 / 4 : Proxy Server (RHSA-2008:0523)NessusRed Hat Local Security Checks
high
18790Slackware 8.1 / 9.0 / 9.1 / current : mod_ssl (SSA:2004-154-01)NessusSlackware Local Security Checks
high
15898Mac OS X Multiple Vulnerabilities (Security Update 2004-12-02)NessusMacOS X Local Security Checks
high
15369Debian DSA-532-2 : libapache-mod-ssl - several vulnerabilitiesNessusDebian Local Security Checks
high
2274Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)Nessus Network MonitorWeb Clients
medium
14676Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)NessusMacOS X Local Security Checks
high
14516GLSA-200406-05 : Apache: Buffer overflow in mod_sslNessusGentoo Local Security Checks
high
14154Mandrake Linux Security Advisory : apache2 (MDKSA-2004:055)NessusMandriva Local Security Checks
high
14153Mandrake Linux Security Advisory : mod_ssl (MDKSA-2004:054)NessusMandriva Local Security Checks
high
12636RHEL 3 : httpd (RHSA-2004:342)NessusRed Hat Local Security Checks
high
12506RHEL 2.1 : apache, mod_ssl (RHSA-2004:245)NessusRed Hat Local Security Checks
critical
12255mod_ssl ssl_util_uuencode_binary Remote OverflowNessusWeb Servers
high
800802Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)Log Correlation EngineOperating System Detection
high