mod_ssl ssl_util_uuencode_binary Remote Overflow

high Nessus Plugin ID 12255


Arbitrary code can be executed on the remote host.


The remote host is using a version of mod_ssl that is older than 2.8.18.

This version is vulnerable to a flaw that could allow an attacker to disable the remote website remotely, or to execute arbitrary code on the remote host.

Note that several Linux distributions patched the old version of this module. Therefore, this alert might be a false-positive. Please check with your vendor to determine if you really are vulnerable to this flaw.


Upgrade to version 2.8.18 (Apache 1.3) or to Apache 2.0.50.

Plugin Details

Severity: High

ID: 12255

File Name: mod_ssl_uuencode_binary.nasl

Version: 1.24

Type: remote

Family: Web Servers

Published: 5/29/2004

Updated: 7/14/2018

Risk Information


Risk Factor: Medium

Score: 5.5


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: www/apache

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 5/17/2004

Reference Information

CVE: CVE-2004-0488

BID: 10355