Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0747

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2004-0747
Last Modified 21 Aug 2010 12:21:11
Published 20 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0747

Summary

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

Vulnerable Systems

Application

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39

  • Apache Http Server 2.0.40

  • Apache Http Server 2.0.41

  • Apache Http Server 2.0.42

  • Apache Http Server 2.0.43

  • Apache Http Server 2.0.44

  • Apache Http Server 2.0.45

  • Apache Http Server 2.0.46

  • Apache Http Server 2.0.47

  • Apache Http Server 2.0.48

  • Apache Http Server 2.0.49

  • Apache Http Server 2.0.50


References

CERT-VN - VU#481998

REDHAT - RHSA-2004:463

XF - apache-env-configuration-bo(17384)

VUPEN - ADV-2009-1233

TRUSTIX - 2004-0047

SUSE - SUSE-SA:2004:032

MANDRAKE - MDKSA-2004:096

GENTOO - GLSA-200409-21

MISC - http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147

SECTRACK - 1011303

SECUNIA - 34920

SECUNIA - 12540


Last Updated: 27 May 2016 10:38:44