7.8

CVE-2004-0940

Exploit
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHTTP Server Version >= 1.3 <= 1.3.32
OpenpkgOpenpkg Version2.0
OpenpkgOpenpkg Version2.1
OpenpkgOpenpkg Version2.2
HpHp-ux Version11.00
HpHp-ux Version11.11
HpHp-ux Version11.20
HpHp-ux Version11.22
SlackwareSlackware Linux Version8.0
SlackwareSlackware Linux Version8.1
SlackwareSlackware Linux Version9.0
SlackwareSlackware Linux Version9.1
SlackwareSlackware Linux Version10.0
SlackwareSlackware Linux Versioncurrent
SuseSuse Linux Version8.0
SuseSuse Linux Version8.1
SuseSuse Linux Version8.2
SuseSuse Linux Version9.0
SuseSuse Linux Version9.1
SuseSuse Linux Version9.2
TrustixSecure Linux Version1.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.68% 0.874
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

http://marc.info/?l=bugtraq&m=109906660225051&w=2
Third Party Advisory
Mailing List
http://securitytracker.com/id?1011783
Third Party Advisory
Broken Link
VDB Entry
http://www.debian.org/security/2004/dsa-594
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/11471
Patch
Third Party Advisory
Vendor Advisory
Exploit
Broken Link
VDB Entry