4.6
CVSSv2

CVE-2004-0747

Published: 20/10/2004 Updated: 06/06/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in Apache 2.0.50 and previous versions allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.0

apache http server 2.0.28

apache http server 2.0.40

apache http server 2.0.41

apache http server 2.0.48

apache http server 2.0.49

apache http server 2.0.32

apache http server 2.0.35

apache http server 2.0.42

apache http server 2.0.43

apache http server 2.0.50

apache http server 2.0.36

apache http server 2.0.37

apache http server 2.0.44

apache http server 2.0.45

apache http server 2.0.38

apache http server 2.0.39

apache http server 2.0.46

apache http server 2.0.47

Vendor Advisories

Synopsis httpd security update Type/Severity Security Advisory: Moderate Topic Updated httpd packages that include fixes for security issues are nowavailable Description The Apache HTTP server is a powerful, full-featured, efficient, andfreely-available Web serverFour issues have been dis ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2004-463.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200409-21.xmlhttp://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096http://www.novell.com/linux/security/advisories/2004_32_apache2.htmlhttp://www.trustix.org/errata/2004/0047/http://www.kb.cert.org/vuls/id/481998http://securitytracker.com/id?1011303http://secunia.com/advisories/12540http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147http://secunia.com/advisories/34920http://www.vupen.com/english/advisories/2009/1233https://exchange.xforce.ibmcloud.com/vulnerabilities/17384https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3Ehttps://access.redhat.com/errata/RHSA-2004:463https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/481998