7.5

CVE-2004-0700

EPSS 30.65%
Published 27.07.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

Affected products Warnungen 0 Metrics 2 CWE 0 References 18

Data is provided by the National Vulnerability Database (NVD)

Mod Ssl ≫ Mod Ssl Version2.3.11

Mod Ssl ≫ Mod Ssl Version2.4.0

Mod Ssl ≫ Mod Ssl Version2.4.1

Mod Ssl ≫ Mod Ssl Version2.4.2

Mod Ssl ≫ Mod Ssl Version2.4.3

Mod Ssl ≫ Mod Ssl Version2.4.4

Mod Ssl ≫ Mod Ssl Version2.4.5

Mod Ssl ≫ Mod Ssl Version2.4.6

Mod Ssl ≫ Mod Ssl Version2.4.7

Mod Ssl ≫ Mod Ssl Version2.4.8

Mod Ssl ≫ Mod Ssl Version2.4.9

Mod Ssl ≫ Mod Ssl Version2.4.10

Mod Ssl ≫ Mod Ssl Version2.5.0

Mod Ssl ≫ Mod Ssl Version2.5.1

Mod Ssl ≫ Mod Ssl Version2.6.0

Mod Ssl ≫ Mod Ssl Version2.6.1

Mod Ssl ≫ Mod Ssl Version2.6.2

Mod Ssl ≫ Mod Ssl Version2.6.3

Mod Ssl ≫ Mod Ssl Version2.6.4

Mod Ssl ≫ Mod Ssl Version2.6.5

Mod Ssl ≫ Mod Ssl Version2.6.6

Mod Ssl ≫ Mod Ssl Version2.7.0

Mod Ssl ≫ Mod Ssl Version2.7.1

Mod Ssl ≫ Mod Ssl Version2.8.0

Mod Ssl ≫ Mod Ssl Version2.8.1

Mod Ssl ≫ Mod Ssl Version2.8.1.2

Mod Ssl ≫ Mod Ssl Version2.8.2

Mod Ssl ≫ Mod Ssl Version2.8.3

Mod Ssl ≫ Mod Ssl Version2.8.4

Mod Ssl ≫ Mod Ssl Version2.8.5

Mod Ssl ≫ Mod Ssl Version2.8.5.1

Mod Ssl ≫ Mod Ssl Version2.8.5.2

Mod Ssl ≫ Mod Ssl Version2.8.6

Mod Ssl ≫ Mod Ssl Version2.8.7

Mod Ssl ≫ Mod Ssl Version2.8.8

Mod Ssl ≫ Mod Ssl Version2.8.9

Mod Ssl ≫ Mod Ssl Version2.8.10

Mod Ssl ≫ Mod Ssl Version2.8.12

Mod Ssl ≫ Mod Ssl Version2.8.14

Mod Ssl ≫ Mod Ssl Version2.8.15

Mod Ssl ≫ Mod Ssl Version2.8.16

Mod Ssl ≫ Mod Ssl Version2.8.17

Mod Ssl ≫ Mod Ssl Version2.8.18

Gentoo ≫ Linux Version1.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	30.65%	0.963

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.redhat.com/support/errata/RHSA-2004-405.html

http://www.debian.org/security/2004/dsa-532

https://bugzilla.fedora.us/show_bug.cgi?id=1888

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857

http://marc.info/?l=apache-modssl&m=109001100906749&w=2

http://marc.info/?l=bugtraq&m=109005001205991&w=2

http://packetstormsecurity.org/0407-advisories/modsslFormat.txt

http://virulent.siyahsapka.org/

http://www.kb.cert.org/vuls/id/303448

Third Party Advisory

US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075

http://www.osvdb.org/7929

http://www.redhat.com/support/errata/RHSA-2004-408.html

http://www.securityfocus.com/bid/10736

http://www.ubuntu.com/usn/usn-177-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/16705

https://nvd.nist.gov/vuln/detail/CVE-2004-0700

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0700

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0700

EUVD