Vulnerabilities > CVE-2004-0700
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
Vulnerable Configurations
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_APACHE+SSL_13312819.NASL description The following package needs to be updated: apache+mod_ssl+ipv6 last seen 2016-09-26 modified 2011-10-03 plugin id 15509 published 2004-10-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=15509 title FreeBSD : apache13-modssl -- format string vulnerability in proxy support (8) code #%NASL_MIN_LEVEL 999999 # @DEPRECATED@ # # This script has been deprecated by freebsd_pkg_18974c8a1fbd11d9814e0001020eed82.nasl. # # Disabled on 2011/10/02. # # # (C) Tenable Network Security, Inc. # # This script contains information extracted from VuXML : # # Copyright 2003-2006 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # # include('compat.inc'); if ( description ) { script_id(15509); script_version("1.12"); script_bugtraq_id(10736); script_cve_id("CVE-2004-0700"); script_name(english:"FreeBSD : apache13-modssl -- format string vulnerability in proxy support (8)"); script_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update'); script_set_attribute(attribute:'description', value:'The following package needs to be updated: apache+mod_ssl+ipv6'); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:'solution', value: 'Update the package on the remote host'); script_set_attribute(attribute: 'see_also', value: 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=483 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=564 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://secunia.com/advisories/32200/ http://www.mozilla.org/security/announce/2007/mfsa2007-01.html http://www.mozilla.org/security/announce/2007/mfsa2007-02.html http://www.openpkg.org/security/OpenPKG-SA-2004.032-apache.html http://www.opera.com/support/search/view/861/ http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-gopher_html_parsing'); script_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/18974c8a-1fbd-11d9-814e-0001020eed82.html'); script_set_attribute(attribute:"plugin_publication_date", value: "2004/10/19"); script_cvs_date("Date: 2018/07/20 0:18:52"); script_end_attributes(); script_summary(english:"Check for apache+mod_ssl+ipv6"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc."); family["english"] = "FreeBSD Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/FreeBSD/pkg_info"); exit(0); } # Deprecated. exit(0, "This plugin has been deprecated. Refer to plugin #36579 (freebsd_pkg_18974c8a1fbd11d9814e0001020eed82.nasl) instead."); global_var cvss_score; cvss_score=7; include('freebsd_package.inc'); pkg_test(pkg:"apache+mod_ssl<1.3.31+2.8.19"); pkg_test(pkg:"apache+mod_ssl+ipv6<1.3.31+2.8.19"); pkg_test(pkg:"ru-apache+mod_ssl<1.3.31+30.20+2.8.19");
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_18974C8A1FBD11D9814E0001020EED82.NASL description A OpenPKG Security Advisory reports : Triggered by a report to Packet Storm from Virulent, a format string vulnerability was found in mod_ssl, the Apache SSL/TLS interface to OpenSSL, version (up to and including) 2.8.18 for Apache 1.3. The mod_ssl in Apache 2.x is not affected. The vulnerability could be exploitable if Apache is used as a proxy for HTTPS URLs and the attacker established a own specially prepared DNS and origin server environment. last seen 2020-06-01 modified 2020-06-02 plugin id 36579 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/36579 title FreeBSD : apache13-modssl -- format string vulnerability in proxy support (18974c8a-1fbd-11d9-814e-0001020eed82) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(36579); script_version("1.16"); script_cvs_date("Date: 2019/08/02 13:32:36"); script_cve_id("CVE-2004-0700"); script_bugtraq_id(10736); script_xref(name:"CERT", value:"303448"); script_name(english:"FreeBSD : apache13-modssl -- format string vulnerability in proxy support (18974c8a-1fbd-11d9-814e-0001020eed82)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "A OpenPKG Security Advisory reports : Triggered by a report to Packet Storm from Virulent, a format string vulnerability was found in mod_ssl, the Apache SSL/TLS interface to OpenSSL, version (up to and including) 2.8.18 for Apache 1.3. The mod_ssl in Apache 2.x is not affected. The vulnerability could be exploitable if Apache is used as a proxy for HTTPS URLs and the attacker established a own specially prepared DNS and origin server environment." ); # http://www.openpkg.org/security/OpenPKG-SA-2004.032-apache.html script_set_attribute( attribute:"see_also", value:"http://meta.openpkg.org/global-sitemap.php" ); # http://packetstormsecurity.org/0407-advisories/modsslFormat.txt script_set_attribute( attribute:"see_also", value:"https://packetstormsecurity.com/0407-advisories/modsslFormat.txt" ); # http://marc.theaimsgroup.com/?l=apache-modssl&m=109001100906749 script_set_attribute( attribute:"see_also", value:"https://marc.info/?l=apache-modssl&m=109001100906749" ); # https://vuxml.freebsd.org/freebsd/18974c8a-1fbd-11d9-814e-0001020eed82.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2a568480" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:apache+mod_ssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:apache+mod_ssl+ipv6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ru-apache+mod_ssl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/07/16"); script_set_attribute(attribute:"patch_publication_date", value:"2004/10/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"apache+mod_ssl<1.3.31+2.8.19")) flag++; if (pkg_test(save_report:TRUE, pkg:"apache+mod_ssl+ipv6<1.3.31+2.8.19")) flag++; if (pkg_test(save_report:TRUE, pkg:"ru-apache+mod_ssl<1.3.31+30.20+2.8.19")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2004-408.NASL description An updated mod_ssl package for Apache that fixes a format string vulnerability is now available. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A format string issue was discovered in mod_ssl for Apache 1.3 which can be triggered if mod_ssl is configured to allow a client to proxy to remote SSL sites. In order to exploit this issue, a user who is authorized to use Apache as a proxy would have to attempt to connect to a carefully crafted hostname via SSL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0700 to this issue. Users of mod_ssl should upgrade to this updated package, which contains a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 14698 published 2004-09-09 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/14698 title RHEL 2.1 : mod_ssl (RHSA-2004:408) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2004:408. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(14698); script_version ("1.25"); script_cvs_date("Date: 2019/10/25 13:36:10"); script_cve_id("CVE-2004-0700"); script_xref(name:"RHSA", value:"2004:408"); script_name(english:"RHEL 2.1 : mod_ssl (RHSA-2004:408)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "An updated mod_ssl package for Apache that fixes a format string vulnerability is now available. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A format string issue was discovered in mod_ssl for Apache 1.3 which can be triggered if mod_ssl is configured to allow a client to proxy to remote SSL sites. In order to exploit this issue, a user who is authorized to use Apache as a proxy would have to attempt to connect to a carefully crafted hostname via SSL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0700 to this issue. Users of mod_ssl should upgrade to this updated package, which contains a backported patch to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2004-0700" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2004:408" ); script_set_attribute( attribute:"solution", value:"Update the affected mod_ssl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/07/27"); script_set_attribute(attribute:"patch_publication_date", value:"2004/09/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2004:408"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"mod_ssl-2.8.12-6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_ssl"); } }
NASL family Web Servers NASL id MOD_SSL_HOOK_FUNCTIONS_FORMAT_STRING_VULN.NASL description The remote host is using a version vulnerable of mod_ssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host. *** Some vendors patched older versions of mod_ssl, so this *** might be a false positive. Check with your vendor to determine *** if you have a version of mod_ssl that is patched for this *** vulnerability last seen 2020-06-01 modified 2020-06-02 plugin id 13651 published 2004-07-16 reporter This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13651 title Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(13651); script_version("1.26"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12"); script_cve_id("CVE-2004-0700"); script_bugtraq_id(10736); script_name(english:"Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String"); script_summary(english:"Checks for version of mod_ssl"); script_set_attribute(attribute:"synopsis", value: "The remote web server is using a module that is affected by a remote code execution vulnerability."); script_set_attribute(attribute:"description", value: "The remote host is using a version vulnerable of mod_ssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host. *** Some vendors patched older versions of mod_ssl, so this *** might be a false positive. Check with your vendor to determine *** if you have a version of mod_ssl that is patched for this *** vulnerability"); script_set_attribute(attribute:"see_also", value:"http://marc.info/?l=apache-modssl&m=109001100906749&w=2"); script_set_attribute(attribute:"see_also", value:"https://marc.info/?l=bugtraq&m=109005001205991&w=2"); script_set_attribute(attribute:"solution", value: "Upgrade to mod_ssl version 2.8.19 or newer"); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/16"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/07/16"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2020 Tenable Network Security, Inc."); script_family(english:"Web Servers"); script_dependencie("http_version.nasl"); script_require_ports("Services/www", 80); script_require_keys("www/apache"); exit(0); } # # The script code starts here # include("http_func.inc"); include('backport.inc'); if ( get_kb_item("CVE-2004-0700") ) exit(0); port = get_http_port(default:80, embedded:TRUE); if(get_port_state(port)) { banner = get_backport_banner(banner:get_http_banner(port:port)); if(!banner || backported )exit(0); if ( "Darwin" >< banner )exit(0); serv = strstr(banner, "Server"); if("Apache/" >!< serv ) exit(0); if("Apache/2" >< serv) exit(0); if("Apache-AdvancedExtranetServer/2" >< serv)exit(0); if(ereg(pattern:".*mod_ssl/(1.*|2\.([0-7]\..*|8\.([0-9]|1[0-8])[^0-9])).*", string:serv)) { security_hole(port); } }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0523.NASL description Red Hat Network Proxy Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 4.2.3 release corrects several security vulnerabilities in several shipped components. In a typical operating environment, these components are not exposed to users of Proxy Server in a vulnerable manner. These security updates will reduce risk in unique Proxy Server environments. Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting or denial-of-service attack. (CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752, CVE-2006-3918, CVE-2005-3352) A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349) Multiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885) A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329) Users of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3, which resolves these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 63857 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63857 title RHEL 3 / 4 : Proxy Server (RHSA-2008:0523) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-177-1.NASL description Apache did not honour the last seen 2020-06-01 modified 2020-06-02 plugin id 20587 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20587 title Ubuntu 4.10 / 5.04 : apache2, libapache-mod-ssl vulnerabilities (USN-177-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-532.NASL description Two vulnerabilities were discovered in libapache-mod-ssl : - CAN-2004-0488 Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. - CAN-2004-0700 Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.19 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS. last seen 2020-06-01 modified 2020-06-02 plugin id 15369 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15369 title Debian DSA-532-2 : libapache-mod-ssl - several vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-075.NASL description Ralf S. Engelschall found a remaining risky call to ssl_log while reviewing code for another issue reported by Virulent. The updated packages are patched to correct the problem. last seen 2020-06-01 modified 2020-06-02 plugin id 14173 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14173 title Mandrake Linux Security Advisory : mod_ssl (MDKSA-2004:075)
Redhat
advisories |
| ||||||||
rpms |
|
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857
- http://marc.info/?l=apache-modssl&m=109001100906749&w=2
- http://marc.info/?l=bugtraq&m=109005001205991&w=2
- http://packetstormsecurity.org/0407-advisories/modsslFormat.txt
- http://virulent.siyahsapka.org/
- http://www.debian.org/security/2004/dsa-532
- http://www.kb.cert.org/vuls/id/303448
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075
- http://www.osvdb.org/7929
- http://www.redhat.com/support/errata/RHSA-2004-405.html
- http://www.redhat.com/support/errata/RHSA-2004-408.html
- http://www.securityfocus.com/bid/10736
- http://www.ubuntu.com/usn/usn-177-1
- https://bugzilla.fedora.us/show_bug.cgi?id=1888
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16705