CVE-2003-0542: Buffer Overflow

First published: Thu Oct 30 2003(Updated: )

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Apache HTTP server	=2.0.42
Apache HTTP server	=1.3.23
Apache HTTP server	=2.0.47
Apache HTTP server	=1.3.27
Apache HTTP server	=2.0.35
Apache HTTP server	=2.0.37
Apache HTTP server	=2.0.44
Apache HTTP server	=1.3.1
Apache HTTP server	=1.3.25
Apache HTTP server	=1.3.12
Apache HTTP server	=1.3.24
Apache HTTP server	=1.3.26
Apache HTTP server	=1.3.17
Apache HTTP server	=1.3.18
Apache HTTP server	=1.3.28
Apache HTTP server	=2.0.32
Apache HTTP server	=1.3.6
Apache HTTP server	=1.3.9
Apache HTTP server	=2.0.38
Apache HTTP server	=2.0.39
Apache HTTP server	=2.0.41
Apache HTTP server	=1.3
Apache HTTP server	=1.3.19
Apache HTTP server	=1.3.20
Apache HTTP server	=1.3.3
Apache HTTP server	=1.3.4
Apache HTTP server	=2.0.45
Apache HTTP server	=1.3.14
Apache HTTP server	=2.0
Apache HTTP server	=2.0.43
Apache HTTP server	=1.3.11
Apache HTTP server	=1.3.22
Apache HTTP server	=2.0.46
Apache HTTP server	=2.0.28
Apache HTTP server	=2.0.40
Apache HTTP server	=2.0.36

Remedy

http://www.redhat.com/support/errata/RHSA-2004-015.html

Remedy

http://www.securityfocus.com/bid/8911

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
collector/nvd-api
agent/references
agent/weakness
agent/severity
agent/author
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/remedy
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/apache
canonical/apache http server
version/apache http server/2.0.42
version/apache http server/1.3.23
version/apache http server/2.0.47
version/apache http server/1.3.27
version/apache http server/2.0.35
version/apache http server/2.0.37
version/apache http server/2.0.44
version/apache http server/1.3.1
version/apache http server/1.3.25
version/apache http server/1.3.12
version/apache http server/1.3.24
version/apache http server/1.3.26
version/apache http server/1.3.17
version/apache http server/1.3.18
version/apache http server/1.3.28
version/apache http server/2.0.32
version/apache http server/1.3.6
version/apache http server/1.3.9
version/apache http server/2.0.38
version/apache http server/2.0.39
version/apache http server/2.0.41
version/apache http server/1.3
version/apache http server/1.3.19
version/apache http server/1.3.20
version/apache http server/1.3.3
version/apache http server/1.3.4
version/apache http server/2.0.45
version/apache http server/1.3.14
version/apache http server/2.0
version/apache http server/2.0.43
version/apache http server/1.3.11
version/apache http server/1.3.22
version/apache http server/2.0.46
version/apache http server/2.0.28
version/apache http server/2.0.40
version/apache http server/2.0.36

CVE-2003-0542: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact