CVE-2004-0940

Published: 09/02/2005 Updated: 02/02/2024
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 700
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

Vulnerable Product

openpkg openpkg 2.0

openpkg openpkg 2.1

openpkg openpkg 2.2

apache http server

slackware slackware linux 9.0

slackware slackware linux 8.1

slackware slackware linux 10.0

hp hp-ux 11.11

suse suse linux 9.2

suse suse linux 9.0

slackware slackware linux 8.0

suse suse linux 8.2

slackware slackware linux 9.1

slackware slackware linux current

suse suse linux 8.0

trustix secure linux 1.5

hp hp-ux 11.00

hp hp-ux 11.22

suse suse linux 9.1

hp hp-ux 11.20

suse suse linux 8.1

Vendor Advisories

Synopsis: apache, mod_ssl security update
Type/Severity: Security Advisory: Moderate
Topic: Updated apache and mod_ssl packages that fix various minor security issues and bugs in the Apache Web server are now available for Red Hat Enterprise Linux 2.1
Description: The Apache HTTP Server is a pow ...

Exploits

local exploit for mod_include of apache 1.3.x; written by xCrZx /18102004/; bug found ...
source: www.securityfocus.com/bid/11471/info. The problem presents itself when the affected module attempts to parse mod_include-specific tag values. A failure to properly validate the lengths of user-supplied tag strings before copying them into finite buffers facilitates the overflow. A local attacker may leverage this issue to execute a ...

References

CWE-131

http://www.securityfocus.com/bid/11471

http://www.debian.org/security/2004/dsa-594

http://www.redhat.com/support/errata/RHSA-2004-600.html

http://www.apacheweek.com/features/security-13

http://securitytracker.com/id?1011783

http://secunia.com/advisories/12898/

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1

http://secunia.com/advisories/19073

http://www.redhat.com/support/errata/RHSA-2005-816.html

http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

http://www.mandriva.com/security/advisories?name=MDKSA-2004:134

http://www.vupen.com/english/advisories/2006/0789

http://marc.info/?l=bugtraq&m=109906660225051&w=2

https://exchange.xforce.ibmcloud.com/vulnerabilities/17785

https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E

https://access.redhat.com/errata/RHSA-2004:600

https://nvd.nist.gov

https://www.exploit-db.com/exploits/587/