Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1171

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1171
Last Modified 05 Sep 2008 04:36:13
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1171

Summary

Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.

Vulnerable Systems

Application

  • Mod Security 1.7

  • Mod Security 1.7.1


References

XF - mod-security-secfilterout-bo(13543)

BID - 8919

BUGTRAQ - 20031028 mod_security 1.7RC1 to 1.7.1 vulnerability

SECTRACK - 1008025

SECUNIA - 10085

CONFIRM - http://www.modsecurity.org/download/CHANGES

MISC - http://adsystems.com.pl/adg-mod_security171.txt


Last Updated: 27 May 2016 10:38:16