Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2003-1307

Published: 31/12/2003 Updated: 11/04/2024
CVSS v2 Base Score: 4.3 | Impact Score: 6.4 | Exploitability Score: 3.1
VMScore: 441
Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Apache

Vulnerability Summary

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.0.42

apache http server 2.0.47

apache http server 2.0.28

apache http server 2.0.35

apache http server 2.0.37

apache http server 2.0.32

apache http server 2.0.44

apache http server 2.0.34

apache http server 2.0.39

apache http server 2.0.46

apache http server 2.0.41

apache http server 2.0.9

apache http server 2.0.38

apache http server 2.0.48

apache http server 2.0.45

apache http server 2.0.40

apache http server 2.0.36

apache http server 2.0.43

apache http server 2.0

Exploits

Exploit DB: Apache 2.0.4x mod_php - File Descriptor Leakage (1)
source: wwwsecurityfocuscom/bid/9302/info Reportedly, the Apache mod_php module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors As a result, the attacker may pose as a legitimate server and possibly steal or manipulate sensitive information #include <stdioh> #include ...
Exploit DB: Apache 2.0.4x mod_php - File Descriptor Leakage (2)
source: wwwsecurityfocuscom/bid/9302/info Reportedly, the Apache mod_php module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors As a result, the attacker may pose as a legitimate server and possibly steal or manipulate sensitive information # apache's access_log can be over ...

Github Repositories

https://github.com/actions-marketplace-validations/cynalytica_container-scan

Container Scan This action is a clone with modifications to the Azure Container Scan Github action This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy for running ce

https://github.com/cynalytica/container-scan

Clone of Azure/container-scan

Container Scan This action is a clone with modifications to the Azure Container Scan Github action This action can be used to help you add some additional checks to help you secure your Docker Images in your CI This would help you attain some confidence in your docker image before pushing them to your container registry or a deployment It internally uses Trivy for running ce

References

NVD-CWE-Otherhttp://www.securityfocus.com/archive/1/348368http://bugs.php.net/38915http://hackerdom.ru/~dimmo/phpexpl.chttp://www.securityfocus.com/bid/9302http://www.securityfocus.com/archive/1/449298/100/0/threadedhttp://www.securityfocus.com/archive/1/449234/100/0/threadedhttps://nvd.nist.govhttps://github.com/actions-marketplace-validations/cynalytica_container-scanhttps://github.com/cynalytica/container-scanhttps://www.exploit-db.com/exploits/23481/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook