Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 - | |
References | () http://marc.info/?l=apache-modssl&m=109001100906749&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=109005001205991&w=2 - | |
References | () http://packetstormsecurity.org/0407-advisories/modsslFormat.txt - | |
References | () http://virulent.siyahsapka.org/ - | |
References | () http://www.debian.org/security/2004/dsa-532 - | |
References | () http://www.kb.cert.org/vuls/id/303448 - Third Party Advisory, US Government Resource | |
References | () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 - | |
References | () http://www.osvdb.org/7929 - | |
References | () http://www.redhat.com/support/errata/RHSA-2004-405.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2004-408.html - | |
References | () http://www.securityfocus.com/bid/10736 - | |
References | () http://www.ubuntu.com/usn/usn-177-1 - | |
References | () https://bugzilla.fedora.us/show_bug.cgi?id=1888 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16705 - |
Information
Published : 2004-07-27 04:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0700
Mitre link : CVE-2004-0700
CVE.ORG link : CVE-2004-0700
JSON object : View
Products Affected
gentoo
- linux
mod_ssl
- mod_ssl
CWE