Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2003-1307

Published: 31/12/2003 Updated: 19/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 6.4 | Exploitability Score: 3.1
VMScore: 442
Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Apache

Vulnerability Summary

** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.0.28

apache http server 2.0.38

apache http server 2.0.39

apache http server 2.0.34

apache http server 2.0.35

apache http server 2.0.42

apache http server 2.0.43

apache http server 2.0.9

apache http server 2.0

apache http server 2.0.36

apache http server 2.0.37

apache http server 2.0.44

apache http server 2.0.45

apache http server 2.0.46

apache http server 2.0.32

apache http server 2.0.40

apache http server 2.0.41

apache http server 2.0.47

apache http server 2.0.48

Exploits

Exploit DB: Apache 2.0.4x mod_php - File Descriptor Leakage (2)
source: wwwsecurityfocuscom/bid/9302/info Reportedly, the Apache mod_php module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors As a result, the attacker may pose as a legitimate server and possibly steal or manipulate sensitive information # apache's access_log can be over ...
Exploit DB: Apache 2.0.4x mod_php - File Descriptor Leakage (1)
source: wwwsecurityfocuscom/bid/9302/info Reportedly, the Apache mod_php module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors As a result, the attacker may pose as a legitimate server and possibly steal or manipulate sensitive information #include <stdioh> #include ...

Github Repositories

Container Scan This action is a clone with modifications to the Azure Container Scan Github action This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy for running ce

container-scan

A GitHub action to help you scan your docker image for vulnerabilities

Container Scan This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy and Dockle for running certain kinds of scans on these images Trivy helps you find the common vu

Container Scan This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy and Dockle for running certain kinds of scans on these images Trivy helps you find the common vu

Container Scan Deprecation Notice This project is no longer actively maintained, and has had some deficiencies for sometime now If anyone is interested to implement the action logic on their own or fork the repo then feel free to do so Adding few consise points below on what this action does, which might help others to replicate it Trivy and Dockle are used internally for r

container-scan

Container Scan This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy and Dockle for running certain kinds of scans on these images Trivy helps you find the common vu

container-scan

Container Scan This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy and Dockle for running certain kinds of scans on these images Trivy helps you find the common vu

Container Scan This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy and Dockle for running certain kinds of scans on these images Trivy helps you find the common vu

References

NVD-CWE-Otherhttp://www.securityfocus.com/archive/1/348368http://bugs.php.net/38915http://hackerdom.ru/~dimmo/phpexpl.chttp://www.securityfocus.com/bid/9302http://www.securityfocus.com/archive/1/449298/100/0/threadedhttp://www.securityfocus.com/archive/1/449234/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/23482/https://github.com/Azure/container-scan
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30758CSRFCVE-2021-44228CVE-2023-33633XPath injectionCVE-2023-33735CVE-2023-29336CVE-2023-34312cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook