admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2004/CVE-2004-04xx/CVE-2004-0493.json
cad-safe-bot b47d02a333 Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00

268 lines
9.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2004-0493",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-08-06T04:00:00.000",
"lastModified": "2023-11-07T01:56:42.347",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters."
},
{
"lang": "es",
"value": "La funci\u00f3n ap_get_mime_headers_core de Apache httpd 2.0.49 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de memoria) y posiblemente un error de entero sin signo que conduce a un desbordamiento de b\u00fafer basado en el mont\u00f3n en en sistemas de 64 bits, mediante l\u00edneas de cabecera largas con muchos caract\u00e9res espacio o tabulador."
}
],
"vendorComments": [
{
"organization": "Apache",
"comment": "Fixed in Apache HTTP Server 2.0.50:\nhttp://httpd.apache.org/security/vulnerabilities_20.html",
"lastModified": "2008-07-02T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE732B5-00C9-4443-97E0-1DF21475C26B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "C79C41D3-6894-4F2D-B8F8-82AB4780A824"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "449A5647-CEA6-4314-9DB8-D086F388E1C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:http_server:2.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBE18AC-99F8-4D82-8724-B99E82F6892E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:http_server:2.0.42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9075EC-9B80-45F8-AEDF-04A8C49C7C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:http_server:2.0.42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F49DC1E-B67A-46CB-83B1-24FAFBDBE9E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:http_server:2.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "9674B2D8-8235-4AB1-AB6D-285704774EEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:http_server:2.0.47.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8673FFC4-36B3-4E61-8007-099E9568ECCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/023133.html",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=108853066800184&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200407-03.xml",
"source": "cve@mitre.org"
},
{
"url": "http://www.apacheweek.com/features/security-20",
"source": "cve@mitre.org"
},
{
"url": "http://www.guninski.com/httpd1.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:064",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2004-342.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/10619",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.trustix.org/errata/2004/0039/",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16524",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10605",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink