Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0542

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0542
Last Modified 18 Jul 2013 09:11:13
Published 03 Nov 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0542

Summary

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

Vulnerable Systems

Application

  • Apache Http Server 1.3

  • Apache Http Server 1.3.1

  • Apache Http Server 1.3.11

  • Apache Http Server 1.3.12

  • Apache Http Server 1.3.14

  • Apache Http Server 1.3.17

  • Apache Http Server 1.3.18

  • Apache Http Server 1.3.19

  • Apache Http Server 1.3.20

  • Apache Http Server 1.3.22

  • Apache Http Server 1.3.23

  • Apache Http Server 1.3.24

  • Apache Http Server 1.3.25

  • Apache Http Server 1.3.26

  • Apache Http Server 1.3.27

  • Apache Http Server 1.3.28

  • Apache Http Server 1.3.3

  • Apache Http Server 1.3.4

  • Apache Http Server 1.3.6

  • Apache Http Server 1.3.9

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39

  • Apache Http Server 2.0.40

  • Apache Http Server 2.0.41

  • Apache Http Server 2.0.42

  • Apache Http Server 2.0.43

  • Apache Http Server 2.0.44

  • Apache Http Server 2.0.45

  • Apache Http Server 2.0.46

  • Apache Http Server 2.0.47


References

CERT-VN - VU#549142

CERT-VN - VU#434566

BID - 8911

REDHAT - RHSA-2004:015

BUGTRAQ - 20031031 GLSA: apache (200310-04)

XF - apache-modalias-modrewrite-bo(13400)

BID - 9504

BUGTRAQ - 20031028 [OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache)

HP - HPSBUX0311-301

REDHAT - RHSA-2005:816

REDHAT - RHSA-2003:405

REDHAT - RHSA-2003:360

REDHAT - RHSA-2003:320

MANDRAKE - MDKSA-2003:103

SUNALERT - 101841

SUNALERT - 101444

SECUNIA - 10593

SECUNIA - 10580

SECUNIA - 10463

SECUNIA - 10264

SECUNIA - 10260

SECUNIA - 10153

SECUNIA - 10114

SECUNIA - 10112

SECUNIA - 10102

SECUNIA - 10098

SECUNIA - 10096

HP - SSRT090208

HP - HPSBOV02683

CONFIRM - http://lists.apple.com/mhonarc/security-announce/msg00045.html

APPLE - APPLE-SA-2004-01-26

CONFIRM - http://httpd.apache.org/dist/httpd/Announcement2.html

CONFIRM - http://docs.info.apple.com/article.html?artnum=61798

SGI - 20040202-01-U

SGI - 20031203-01-U

SCO - SCOSA-2004.6


Last Updated: 27 May 2016 10:37:57