QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2004-0492

Back to search

CVE-2004-0492

Published: Jun 23, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

VendorProductVersions

n/a

n/a

affected
n/a

References

FLSA:1737
vendor-advisory
x_refsource_FEDORA
RHSA-2004:245
vendor-advisory
x_refsource_REDHAT
SSRT090208
vendor-advisory
x_refsource_HP
57628
vendor-advisory
x_refsource_SUNALERT
oval:org.mitre.oval:def:100112
vdb-entry
signature
x_refsource_OVAL
MDKSA-2004:065
vendor-advisory
x_refsource_MANDRAKE
oval:org.mitre.oval:def:4863
vdb-entry
signature
x_refsource_OVAL
101555
vendor-advisory
x_refsource_SUNALERT
DSA-525
vendor-advisory
x_refsource_DEBIAN
HPSBOV02683
vendor-advisory
x_refsource_HP
VU#541310
third-party-advisory
x_refsource_CERT-VN
101841
vendor-advisory
x_refsource_SUNALERT
11841
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now