CVE-2004-0492: Buffer Overflow
First published: Wed Jun 23 2004(Updated: )
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Webproxy | =2.0 | |
| HP VirtualVault | =11.0.4 | |
| Apache HTTP server | =1.3.27 | |
| IBM HTTP Server | =1.3.28 | |
| Apache HTTP server | =1.3.28 | |
| Apache HTTP server | =1.3.31 | |
| Hp Webproxy | =2.1 | |
| IBM HTTP Server | =1.3.26.1 | |
| Apache HTTP server | =1.3.26 | |
| Apache HTTP server | =1.3.29 | |
| SGI ProPack | =2.4 | |
| IBM HTTP Server | =1.3.26 | |
| IBM HTTP Server | =1.3.26.2 | |
| Hp Vvos | =11.04 | |
| Openbsd Openbsd | =3.5 | |
| Openbsd Openbsd | ||
| Openbsd Openbsd | =3.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.debian.org/security/2004/dsa-525
- http://rhn.redhat.com/errata/RHSA-2004-245.html
- http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
- http://www.guninski.com/modproxy1.html
- https://bugzilla.fedora.us/show_bug.cgi?id=1737
- http://www.kb.cert.org/vuls/id/541310
- http://secunia.com/advisories/11841
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
- http://marc.info/?l=bugtraq&m=130497311408250&w=2
- http://marc.info/?l=bugtraq&m=108711172710140&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- collector/nvd-historical
- vendor/hp
- product/webproxy
- canonical/hp webproxy
- product/virtualvault
- canonical/hp virtualvault
- vendor/apache
- product/http server
- canonical/apache http server
- vendor/ibm
- canonical/ibm http server
- vendor/sgi
- product/propack
- canonical/sgi propack
- product/vvos
- canonical/hp vvos
- vendor/openbsd
- product/openbsd
- canonical/openbsd openbsd
- collector/nvd-index
- collector/nvd-api
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/hp webproxy/2.0
- version/hp virtualvault/11.0.4
- version/apache http server/1.3.27
- version/ibm http server/1.3.28
- version/apache http server/1.3.28
- version/apache http server/1.3.31
- version/hp webproxy/2.1
- version/ibm http server/1.3.26.1
- version/apache http server/1.3.26
- version/apache http server/1.3.29
- version/sgi propack/2.4
- version/ibm http server/1.3.26
- version/ibm http server/1.3.26.2
- version/hp vvos/11.04
- version/openbsd openbsd/3.5
- version/openbsd openbsd/3.4