CVE-2004-0747

MEDIUM

Description

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

References

http://secunia.com/advisories/12540

http://secunia.com/advisories/34920

http://securitytracker.com/id?1011303

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147

http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml

http://www.kb.cert.org/vuls/id/481998

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096

http://www.novell.com/linux/security/advisories/2004_32_apache2.html

http://www.redhat.com/support/errata/RHSA-2004-463.html

http://www.trustix.org/errata/2004/0047/

http://www.vupen.com/english/advisories/2009/1233

https://exchange.xforce.ibmcloud.com/vulnerabilities/17384

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561

Details

Source: MITRE

Published: 2004-10-20

Updated: 2017-10-11

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*

Tenable Plugins

View all (10 total)

ID	Name	Product	Family	Severity
36910	FreeBSD : apache -- ap_resolve_env buffer overflow (4d49f4ba-071f-11d9-b45d-000c41e2cdad)	Nessus	FreeBSD Local Security Checks	medium
15898	Mac OS X Multiple Vulnerabilities (Security Update 2004-12-02)	Nessus	MacOS X Local Security Checks	high
14766	GLSA-200409-21 : Apache 2, mod_dav: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
14752	Mandrake Linux Security Advisory : apache2 (MDKSA-2004:096)	Nessus	Mandriva Local Security Checks	high
14748	Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS)	Nessus	Web Servers	medium
14736	RHEL 3 : httpd (RHSA-2004:463)	Nessus	Red Hat Local Security Checks	medium
14731	SUSE-SA:2004:032: apache2	Nessus	SuSE Local Security Checks	medium
2292	Apache < 2.0.51 IPv6 Remote Buffer Overflow	Nessus Network Monitor	Web Servers	medium
2290	Apache < 2.0.51 ${ENVVAR} Local Overflow	Nessus Network Monitor	Web Servers	low
800562	Apache < 2.0.51 ${ENVVAR} Local Overflow	Log Correlation Engine	Web Servers	medium