ID

VAR-200407-0075


CVE

CVE-2004-0488


TITLE

Apache HTTP Server of mod_ssl Vulnerable to buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2004-000199

DESCRIPTION

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. mod_ssl Is httpd.conf In SSLOptions Is a directive option FakeBasicAuth If enabled, a buffer overflow vulnerability exists.SSL Is enabled Apache HTTP Server Service disruption at (DoS) It may be in a state. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. Oracle has released a Critical Patch Update to address these issues in various supported applications and platforms. Other non-supported versions may be affected, but Symantec has not confirmed this. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. This BID will be divided and updated into separate BIDs when more information is available. A stack-based buffer overflow has been reported in the Apache 'mod_ssl' module. This issue is exposed in utility code for uuencoding binary data. This issue would most likely result in a denial of service if triggered, but could theoretically allow arbitrary code to run. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, but this may not be the case with other architectures. Mod_SSL is the SSL implementation on the Apache server, used to provide encryption support for the Apache web server. A remote attacker can use the ssl_engine_kernel.c module that uses this function to conduct a denial of service attack or execute arbitrary instructions in the WEB process

Trust: 2.25

sources: NVD: CVE-2004-0488 // JVNDB: JVNDB-2004-000199 // BID: 13139 // BID: 10355 // VULHUB: VHN-8918

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:3.0

Trust: 1.3

vendor:apachemodel:http serverscope:gteversion:2.0.35

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:2.0

Trust: 1.0

vendor:apachemodel:http serverscope:ltversion:2.0.50

Trust: 1.0

vendor:trustixmodel:secure linuxscope:eqversion:2.1

Trust: 0.9

vendor:trustixmodel:secure linuxscope:eqversion:1.5

Trust: 0.9

vendor:trustixmodel:secure linuxscope:eqversion:2.0

Trust: 0.9

vendor:apachemodel:http serverscope:lteversion:2.0.49

Trust: 0.8

vendor:modsslmodel:mod sslscope:lteversion:2.8.17

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:1.1

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.1

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3.0

Trust: 0.8

vendor:sun microsystemsmodel:cobalt raq550scope: - version: -

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:6.5

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:7

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:8

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.04

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.22

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:2.1 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (ws)

Trust: 0.8

vendor:peoplesoftmodel:oneworld xe/erp8 applications sp22scope: - version: -

Trust: 0.3

vendor:peoplesoftmodel:enterpriseone applicationsscope:eqversion:8.93

Trust: 0.3

vendor:peoplesoftmodel:enterpriseone applications sp2scope:eqversion:8.9

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.2.6

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.2.0.5

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.0.4

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.0.1.5

Trust: 0.3

vendor:oraclemodel:oracle9i standard editionscope:eqversion:9.0.1.4

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.2.6

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.2.0.5

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.0.4

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.0.1.5

Trust: 0.3

vendor:oraclemodel:oracle9i personal editionscope:eqversion:9.0.1.4

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.2.6.0

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.2.0.5

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.0.4

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.0.1.5

Trust: 0.3

vendor:oraclemodel:oracle9i enterprise editionscope:eqversion:9.0.1.4

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.3.1

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:9.0.2.3

Trust: 0.3

vendor:oraclemodel:oracle9i application serverscope:eqversion:1.0.2.2

Trust: 0.3

vendor:oraclemodel:oracle8i standard editionscope:eqversion:8.1.7.4

Trust: 0.3

vendor:oraclemodel:oracle8i enterprise editionscope:eqversion:8.1.7.4.0

Trust: 0.3

vendor:oraclemodel:oracle10g standard editionscope:eqversion:10.1.0.4

Trust: 0.3

vendor:oraclemodel:oracle10g standard editionscope:eqversion:10.1.0.3.1

Trust: 0.3

vendor:oraclemodel:oracle10g standard editionscope:eqversion:10.1.0.3

Trust: 0.3

vendor:oraclemodel:oracle10g standard editionscope:eqversion:10.1.0.2

Trust: 0.3

vendor:oraclemodel:oracle10g personal editionscope:eqversion:10.1.0.4

Trust: 0.3

vendor:oraclemodel:oracle10g personal editionscope:eqversion:10.1.0.3.1

Trust: 0.3

vendor:oraclemodel:oracle10g personal editionscope:eqversion:10.1.0.3

Trust: 0.3

vendor:oraclemodel:oracle10g personal editionscope:eqversion:10.1.0.2

Trust: 0.3

vendor:oraclemodel:oracle10g enterprise editionscope:eqversion:10.1.0.4

Trust: 0.3

vendor:oraclemodel:oracle10g enterprise editionscope:eqversion:10.1.0.3.1

Trust: 0.3

vendor:oraclemodel:oracle10g enterprise editionscope:eqversion:10.1.0.3

Trust: 0.3

vendor:oraclemodel:oracle10g enterprise editionscope:eqversion:10.1.0.2

Trust: 0.3

vendor:oraclemodel:oracle10g application serverscope:eqversion:10.1.2

Trust: 0.3

vendor:oraclemodel:oracle10g application serverscope:eqversion:10.1.0.3.1

Trust: 0.3

vendor:oraclemodel:oracle10g application serverscope:eqversion:9.0.4.1

Trust: 0.3

vendor:oraclemodel:oracle10g application serverscope:eqversion:9.0.4.0

Trust: 0.3

vendor:oraclemodel:enterprise manager grid control 10gscope:eqversion:10.1.3

Trust: 0.3

vendor:oraclemodel:enterprise manager grid control 10gscope:eqversion:10.1.0.2

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:9.0.4.1

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:9.0.4.0

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.10

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.9

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.8

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.7

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.6

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.5

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.4

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.3

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.2

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5.1

Trust: 0.3

vendor:oraclemodel:e-business suite 11iscope:eqversion:11.5

Trust: 0.3

vendor:oraclemodel:e-business suitescope:eqversion:11.0

Trust: 0.3

vendor:oraclemodel:collaboration suite releasescope:eqversion:29.0.4.2

Trust: 0.3

vendor:oraclemodel:collaboration suite releasescope:eqversion:29.0.4.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.49

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.35

Trust: 0.3

vendor:mandrakesoftmodel:multi network firewallscope:eqversion:2.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.23scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:2.1

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.12

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.9

Trust: 0.3

vendor:redhatmodel:strongholdscope:eqversion:4.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0

Trust: 0.3

vendor:openbsdmodel:-currentscope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.22scope: - version: -

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.5

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.1

Trust: 0.3

vendor:debianmodel:linux m68kscope:eqversion:3.0

Trust: 0.3

vendor:mandrivamodel:linux mandrake amd64scope:eqversion:9.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.28

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.39

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:3.0

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.7

Trust: 0.3

vendor:mandrivamodel:linux mandrake amd64scope:eqversion:10.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.32

Trust: 0.3

vendor:apachemodel:-devscope:eqversion:1.3.7

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:3.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate server x86 64scope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:webproxy a.02.00scope: - version: -

Trust: 0.3

vendor:debianmodel:linux hppascope:eqversion:3.0

Trust: 0.3

vendor:redhatmodel:advanced workstation for the itanium processorscope:eqversion:2.1

Trust: 0.3

vendor:tinysofamodel:enterprise serverscope:eqversion:1.0

Trust: 0.3

vendor:hpmodel:compaq secure web server for openvmsscope:eqversion:1.2

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.22

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.9

Trust: 0.3

vendor:hpmodel:virtualvault a.04.70scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux ws ia64scope:eqversion:2.1

Trust: 0.3

vendor:redhatmodel:linuxscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.8

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.43

Trust: 0.3

vendor:hpmodel:openvms secure web serverscope:eqversion:7.3

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.47

Trust: 0.3

vendor:mandrivamodel:linux mandrake ppcscope:eqversion:9.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.20

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.26

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.25

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.37

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.14

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.11

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.4

Trust: 0.3

vendor:redhatmodel:network proxy (for rhelscope:eqversion:4)4.2

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:openvms secure web serverscope:eqversion:7.3-1

Trust: 0.3

vendor:gentoomodel:linuxscope:eqversion:1.4

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:9.2

Trust: 0.3

vendor:turbolinuxmodel:homescope: - version: -

Trust: 0.3

vendor:redhatmodel:linux i686scope:eqversion:7.3

Trust: 0.3

vendor:debianmodel:linux alphascope:eqversion:3.0

Trust: 0.3

vendor:redhatmodel:advanced workstation for the itanium processor ia64scope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:openvms secure web serverscope:eqversion:7.3-2

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.48

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.45

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.12

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:7.3

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.38

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.10

Trust: 0.3

vendor:hpmodel:openvms secure web serverscope:eqversion:7.2-2

Trust: 0.3

vendor:trustixmodel:secure enterprise linuxscope:eqversion:2.0

Trust: 0.3

vendor:hpmodel:virtualvault a.04.50scope: - version: -

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.46

Trust: 0.3

vendor:hpmodel:compaq secure web server for openvmsscope:eqversion:1.3

Trust: 0.3

vendor:turbolinuxmodel:desktopscope:eqversion:10.0

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:10.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.44

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.24

Trust: 0.3

vendor:apachemodel:betascope:eqversion:2.0.28

Trust: 0.3

vendor:redhatmodel:enterprise linux as ia64scope:eqversion:2.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.40

Trust: 0.3

vendor:openbsdmodel:openbsdscope:eqversion:3.4

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.16

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.23

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3

Trust: 0.3

vendor:hpmodel:webproxy a.02.10scope: - version: -

Trust: 0.3

vendor:hpmodel:compaq secure web server for openvmsscope:eqversion:2.0

Trust: 0.3

vendor:hpmodel:virtualvault a.04.60scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.19

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.18

Trust: 0.3

vendor:hpmodel:compaq secure web server for openvms phpscope:eqversion:2.0

Trust: 0.3

vendor:tinysofamodel:enterprise server -u1scope:eqversion:1.0

Trust: 0.3

vendor:apachemodel:a9scope:eqversion:2.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.27

Trust: 0.3

vendor:hpmodel:hp-ux b.11.00scope: - version: -

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:3.0

Trust: 0.3

vendor:debianmodel:linux mipselscope:eqversion:3.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:3.0

Trust: 0.3

vendor:redhatmodel:network proxy (for rhelscope:eqversion:3)4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.8

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.42

Trust: 0.3

vendor:apachemodel:apachescope:neversion:2.0.50

Trust: 0.3

vendor:mandrakesoftmodel:corporate serverscope:eqversion:2.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.28

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.3

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.36

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:3.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:2.0.41

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.29

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.6

Trust: 0.3

vendor:debianmodel:linux ppcscope:eqversion:3.0

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.17

Trust: 0.3

vendor:redhatmodel:enterprise linux es ia64scope:eqversion:2.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:10.0

Trust: 0.3

vendor:redhatmodel:enterprise linux asscope:eqversion:2.1

Trust: 0.3

vendor:apachemodel:apachescope:eqversion:1.3.31

Trust: 0.3

vendor:mod sslmodel:mod sslscope:eqversion:2.8.15

Trust: 0.3

vendor:sgimodel:propackscope:eqversion:2.4

Trust: 0.3

sources: BID: 13139 // BID: 10355 // JVNDB: JVNDB-2004-000199 // CNNVD: CNNVD-200407-016 // NVD: CVE-2004-0488

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0488
value: HIGH

Trust: 1.0

NVD: CVE-2004-0488
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200407-016
value: HIGH

Trust: 0.6

VULHUB: VHN-8918
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-0488
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-8918
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-8918 // JVNDB: JVNDB-2004-000199 // CNNVD: CNNVD-200407-016 // NVD: CVE-2004-0488

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2004-0488

THREAT TYPE

network

Trust: 0.6

sources: BID: 13139 // BID: 10355

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-200407-016

CONFIGURATIONS

sources: JVNDB: JVNDB-2004-000199

PATCH

title:2.0 CHANGESurl:http://www.apache.org/dist/httpd/CHANGES_2.0

Trust: 0.8

title:HPSBUX01068url:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01068

Trust: 0.8

title:HPSBUX01064url:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01064

Trust: 0.8

title:HPSBUX01068url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01068.html

Trust: 0.8

title:HPSBUX01064url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01064.html

Trust: 0.8

title:mod_sslurl:http://www.miraclelinux.com/support/update/data/mod_ssl.html

Trust: 0.8

title:httpdurl:http://www.miraclelinux.com/support/update/data/httpd.html

Trust: 0.8

title:Top Pageurl:http://www.modssl.org/

Trust: 0.8

title:RHSA-2004:245url:https://rhn.redhat.com/errata/RHSA-2004-245.html

Trust: 0.8

title:RHSA-2004:342url:https://rhn.redhat.com/errata/RHSA-2004-342.html

Trust: 0.8

title:550 Apache and Openssl Security Update 0.0.1url:http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng

Trust: 0.8

title:TLSA-2006-32url:http://www.turbolinux.com/security/2006/TLSA-2006-32.txt

Trust: 0.8

title:RHSA-2004:245url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-245J.html

Trust: 0.8

title:RHSA-2004:342url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-342J.html

Trust: 0.8

title:TLSA-2006-32url:http://www.turbolinux.co.jp/security/2006/TLSA-2006-32j.txt

Trust: 0.8

sources: JVNDB: JVNDB-2004-000199

EXTERNAL IDS

db:NVDid:CVE-2004-0488

Trust: 3.1

db:BIDid:10355

Trust: 2.8

db:JVNDBid:JVNDB-2004-000199

Trust: 0.8

db:CNNVDid:CNNVD-200407-016

Trust: 0.7

db:BIDid:13139

Trust: 0.3

db:SEEBUGid:SSVID-87504

Trust: 0.1

db:VULHUBid:VHN-8918

Trust: 0.1

sources: VULHUB: VHN-8918 // BID: 13139 // BID: 10355 // JVNDB: JVNDB-2004-000199 // CNNVD: CNNVD-200407-016 // NVD: CVE-2004-0488

REFERENCES

url:http://www.securityfocus.com/bid/10355

Trust: 2.5

url:http://rhn.redhat.com/errata/rhsa-2004-245.html

Trust: 2.0

url:http://www.debian.org/security/2004/dsa-532

Trust: 1.7

url:https://bugzilla.fedora.us/show_bug.cgi?id=1888

Trust: 1.7

url:http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/021610.html

Trust: 1.7

url:http://security.gentoo.org/glsa/glsa-200406-05.xml

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdksa-2004:054

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdksa-2004:055

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11458

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2004-342.html

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2004-405.html

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2005-816.html

Trust: 1.7

url:http://www.trustix.net/errata/2004/0031/

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16214

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=109215056218824&w=2

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=108619129727620&w=2

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=109181600614477&w=2

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=108567431823750&w=2

Trust: 1.6

url:ftp://patches.sgi.com/support/free/security/advisories/20040605-01-u.asc

Trust: 1.1

url:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0488

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0488

Trust: 0.8

url:httpd.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.

Trust: 0.6

url:https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs.

Trust: 0.6

url:http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf

Trust: 0.3

url:http://www.oracle.com/index.html

Trust: 0.3

url:http://www.peoplesoft.com:80/corp/en/support/security_index.jsp

Trust: 0.3

url:/archive/1/395699

Trust: 0.3

url:http://httpd.apache.org/

Trust: 0.3

url:http://www.modssl.org

Trust: 0.3

url:http://www.openbsd.org/errata.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2004-342.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2004-405.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2005-816.html

Trust: 0.3

url:http://www4.itrc.hp.com/service/cki/docdisplay.do?admit=-938907319+1097930936036+28353475&docid=hpsbov01083

Trust: 0.3

url:http://www.tinysofa.org/support/errata/2004/008.html

Trust: 0.3

url:http://support.avaya.com/japple/css/japple?temp.groupid=128450&temp.selectedfamily=128451&temp.selectedproduct=154235&temp.selectedbucket=126655&temp.feedbackstate=askforfeedback&temp.documentid=19466

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2008-0523.html

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=108567431823750&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=108619129727620&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=109181600614477&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=109215056218824&w=2

Trust: 0.1

url:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs.httpd.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs.httpd.apache.org%3e

Trust: 0.1

sources: VULHUB: VHN-8918 // BID: 13139 // BID: 10355 // JVNDB: JVNDB-2004-000199 // CNNVD: CNNVD-200407-016 // NVD: CVE-2004-0488

CREDITS

Georgi Guninskiā€» guninski@guninski.com

Trust: 0.6

sources: CNNVD: CNNVD-200407-016

SOURCES

db:VULHUBid:VHN-8918
db:BIDid:13139
db:BIDid:10355
db:JVNDBid:JVNDB-2004-000199
db:CNNVDid:CNNVD-200407-016
db:NVDid:CVE-2004-0488

LAST UPDATE DATE

2024-08-14T13:01:07.751000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-8918date:2017-10-11T00:00:00
db:BIDid:13139date:2006-05-05T23:30:00
db:BIDid:10355date:2008-07-01T00:40:00
db:JVNDBid:JVNDB-2004-000199date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200407-016date:2022-09-26T00:00:00
db:NVDid:CVE-2004-0488date:2023-11-07T01:56:42.070

SOURCES RELEASE DATE

db:VULHUBid:VHN-8918date:2004-07-07T00:00:00
db:BIDid:13139date:2005-04-12T00:00:00
db:BIDid:10355date:2004-05-17T00:00:00
db:JVNDBid:JVNDB-2004-000199date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200407-016date:2003-07-18T00:00:00
db:NVDid:CVE-2004-0488date:2004-07-07T04:00:00