gsd - gsd-2004-0488

gsd-2004-0488

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

Aliases

CVE-2004-0488

Aliases

CVE-2004-0488

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2004-0488",
      description: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
      id: "GSD-2004-0488",
      references: [
         "https://www.suse.com/security/cve/CVE-2004-0488.html",
         "https://www.debian.org/security/2004/dsa-532",
         "https://access.redhat.com/errata/RHSA-2008:0523",
         "https://access.redhat.com/errata/RHSA-2005:816",
         "https://access.redhat.com/errata/RHSA-2004:405",
         "https://access.redhat.com/errata/RHSA-2004:342",
         "https://access.redhat.com/errata/RHSA-2004:245",
      ],
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2004-0488",
         ],
         details: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
         id: "GSD-2004-0488",
         modified: "2023-12-13T01:22:54.483654Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2004-0488",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "n/a",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "n/a",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "n/a",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "2004-0031",
                  refsource: "TRUSTIX",
                  url: "http://www.trustix.net/errata/2004/0031/",
               },
               {
                  name: "oval:org.mitre.oval:def:11458",
                  refsource: "OVAL",
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458",
               },
               {
                  name: "MDKSA-2004:054",
                  refsource: "MANDRAKE",
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
               },
               {
                  name: "RHSA-2004:342",
                  refsource: "REDHAT",
                  url: "http://www.redhat.com/support/errata/RHSA-2004-342.html",
               },
               {
                  name: "RHSA-2004:245",
                  refsource: "REDHAT",
                  url: "http://rhn.redhat.com/errata/RHSA-2004-245.html",
               },
               {
                  name: "GLSA-200406-05",
                  refsource: "GENTOO",
                  url: "http://security.gentoo.org/glsa/glsa-200406-05.xml",
               },
               {
                  name: "20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)",
                  refsource: "BUGTRAQ",
                  url: "http://marc.info/?l=bugtraq&m=108567431823750&w=2",
               },
               {
                  name: "RHSA-2004:405",
                  refsource: "REDHAT",
                  url: "http://www.redhat.com/support/errata/RHSA-2004-405.html",
               },
               {
                  name: "SSRT4788",
                  refsource: "HP",
                  url: "http://marc.info/?l=bugtraq&m=109215056218824&w=2",
               },
               {
                  name: "20040605-01-U",
                  refsource: "SGI",
                  url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
               },
               {
                  name: "RHSA-2005:816",
                  refsource: "REDHAT",
                  url: "http://www.redhat.com/support/errata/RHSA-2005-816.html",
               },
               {
                  name: "SSRT4777",
                  refsource: "HP",
                  url: "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
               },
               {
                  name: "20040517 mod_ssl ssl_util_uuencode_binary potential problem",
                  refsource: "FULLDISC",
                  url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
               },
               {
                  name: "10355",
                  refsource: "BID",
                  url: "http://www.securityfocus.com/bid/10355",
               },
               {
                  name: "DSA-532",
                  refsource: "DEBIAN",
                  url: "http://www.debian.org/security/2004/dsa-532",
               },
               {
                  name: "FLSA:1888",
                  refsource: "FEDORA",
                  url: "https://bugzilla.fedora.us/show_bug.cgi?id=1888",
               },
               {
                  name: "MDKSA-2004:055",
                  refsource: "MANDRAKE",
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
               },
               {
                  name: "apache-modssl-uuencode-bo(16214)",
                  refsource: "XF",
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
               },
               {
                  name: "20040601 TSSA-2004-008 - apache",
                  refsource: "BUGTRAQ",
                  url: "http://marc.info/?l=bugtraq&m=108619129727620&w=2",
               },
               {
                  name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  refsource: "MLIST",
                  url: "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "2.0.50",
                        versionStartIncluding: "2.0.35",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:2.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-0488",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-787",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "10355",
                     refsource: "BID",
                     tags: [
                        "Patch",
                        "Third Party Advisory",
                        "VDB Entry",
                        "Vendor Advisory",
                     ],
                     url: "http://www.securityfocus.com/bid/10355",
                  },
                  {
                     name: "20040517 mod_ssl ssl_util_uuencode_binary potential problem",
                     refsource: "FULLDISC",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
                  },
                  {
                     name: "DSA-532",
                     refsource: "DEBIAN",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://www.debian.org/security/2004/dsa-532",
                  },
                  {
                     name: "FLSA:1888",
                     refsource: "FEDORA",
                     tags: [
                        "Broken Link",
                        "Issue Tracking",
                     ],
                     url: "https://bugzilla.fedora.us/show_bug.cgi?id=1888",
                  },
                  {
                     name: "2004-0031",
                     refsource: "TRUSTIX",
                     tags: [
                        "Broken Link",
                     ],
                     url: "http://www.trustix.net/errata/2004/0031/",
                  },
                  {
                     name: "GLSA-200406-05",
                     refsource: "GENTOO",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://security.gentoo.org/glsa/glsa-200406-05.xml",
                  },
                  {
                     name: "RHSA-2004:245",
                     refsource: "REDHAT",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://rhn.redhat.com/errata/RHSA-2004-245.html",
                  },
                  {
                     name: "RHSA-2004:342",
                     refsource: "REDHAT",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://www.redhat.com/support/errata/RHSA-2004-342.html",
                  },
                  {
                     name: "RHSA-2004:405",
                     refsource: "REDHAT",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://www.redhat.com/support/errata/RHSA-2004-405.html",
                  },
                  {
                     name: "20040605-01-U",
                     refsource: "SGI",
                     tags: [
                        "Broken Link",
                     ],
                     url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
                  },
                  {
                     name: "RHSA-2005:816",
                     refsource: "REDHAT",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "http://www.redhat.com/support/errata/RHSA-2005-816.html",
                  },
                  {
                     name: "MDKSA-2004:054",
                     refsource: "MANDRAKE",
                     tags: [
                        "Broken Link",
                     ],
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
                  },
                  {
                     name: "MDKSA-2004:055",
                     refsource: "MANDRAKE",
                     tags: [
                        "Broken Link",
                     ],
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
                  },
                  {
                     name: "20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)",
                     refsource: "BUGTRAQ",
                     tags: [
                        "Issue Tracking",
                        "Mailing List",
                        "Third Party Advisory",
                     ],
                     url: "http://marc.info/?l=bugtraq&m=108567431823750&w=2",
                  },
                  {
                     name: "SSRT4788",
                     refsource: "HP",
                     tags: [
                        "Issue Tracking",
                        "Mailing List",
                        "Third Party Advisory",
                     ],
                     url: "http://marc.info/?l=bugtraq&m=109215056218824&w=2",
                  },
                  {
                     name: "SSRT4777",
                     refsource: "HP",
                     tags: [
                        "Issue Tracking",
                        "Mailing List",
                        "Third Party Advisory",
                     ],
                     url: "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
                  },
                  {
                     name: "20040601 TSSA-2004-008 - apache",
                     refsource: "BUGTRAQ",
                     tags: [
                        "Issue Tracking",
                        "Mailing List",
                        "Third Party Advisory",
                     ],
                     url: "http://marc.info/?l=bugtraq&m=108619129727620&w=2",
                  },
                  {
                     name: "apache-modssl-uuencode-bo(16214)",
                     refsource: "XF",
                     tags: [
                        "Third Party Advisory",
                        "VDB Entry",
                     ],
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
                  },
                  {
                     name: "oval:org.mitre.oval:def:11458",
                     refsource: "OVAL",
                     tags: [
                        "Third Party Advisory",
                     ],
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458",
                  },
                  {
                     name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                     refsource: "MLIST",
                     tags: [
                        "Mailing List",
                        "Vendor Advisory",
                     ],
                     url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "PARTIAL",
                  baseScore: 7.5,
                  confidentialityImpact: "PARTIAL",
                  integrityImpact: "PARTIAL",
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                  version: "2.0",
               },
               exploitabilityScore: 10,
               impactScore: 6.4,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: true,
               obtainUserPrivilege: false,
               severity: "HIGH",
               userInteractionRequired: false,
            },
         },
         lastModifiedDate: "2022-09-23T15:23Z",
         publishedDate: "2004-07-07T04:00Z",
      },
   },
}

CVE-2004-0488 (GCVE-0-2004-0488)

Vulnerability from cvelistv5

Published

2004-05-28 04:00

Modified

2024-08-08 00:17

Severity ?

Summary

References

▼	URL	Tags
	http://www.trustix.net/errata/2004/0031/	vendor-advisory, x_refsource_TRUSTIX
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:054	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2004-342.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2004-245.html	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-200406-05.xml	vendor-advisory, x_refsource_GENTOO
	http://marc.info/?l=bugtraq&m=108567431823750&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2004-405.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=109215056218824&w=2	vendor-advisory, x_refsource_HP
	ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc	vendor-advisory, x_refsource_SGI
	http://www.redhat.com/support/errata/RHSA-2005-816.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=109181600614477&w=2	vendor-advisory, x_refsource_HP
	http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html	mailing-list, x_refsource_FULLDISC
	http://www.securityfocus.com/bid/10355	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2004/dsa-532	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.fedora.us/show_bug.cgi?id=1888	vendor-advisory, x_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:055	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16214	vdb-entry, x_refsource_XF
	http://marc.info/?l=bugtraq&m=108619129727620&w=2	mailing-list, x_refsource_BUGTRAQ
	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T00:17:15.134Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "2004-0031",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_TRUSTIX",
                     "x_transferred",
                  ],
                  url: "http://www.trustix.net/errata/2004/0031/",
               },
               {
                  name: "oval:org.mitre.oval:def:11458",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458",
               },
               {
                  name: "MDKSA-2004:054",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRAKE",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
               },
               {
                  name: "RHSA-2004:342",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2004-342.html",
               },
               {
                  name: "RHSA-2004:245",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2004-245.html",
               },
               {
                  name: "GLSA-200406-05",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-200406-05.xml",
               },
               {
                  name: "20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108567431823750&w=2",
               },
               {
                  name: "RHSA-2004:405",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2004-405.html",
               },
               {
                  name: "SSRT4788",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=109215056218824&w=2",
               },
               {
                  name: "20040605-01-U",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SGI",
                     "x_transferred",
                  ],
                  url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
               },
               {
                  name: "RHSA-2005:816",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2005-816.html",
               },
               {
                  name: "SSRT4777",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
               },
               {
                  name: "20040517 mod_ssl ssl_util_uuencode_binary potential problem",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
               },
               {
                  name: "10355",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/10355",
               },
               {
                  name: "DSA-532",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2004/dsa-532",
               },
               {
                  name: "FLSA:1888",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.fedora.us/show_bug.cgi?id=1888",
               },
               {
                  name: "MDKSA-2004:055",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRAKE",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
               },
               {
                  name: "apache-modssl-uuencode-bo(16214)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
               },
               {
                  name: "20040601 TSSA-2004-008 - apache",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108619129727620&w=2",
               },
               {
                  name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
               },
               {
                  name: "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2004-05-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-06-06T10:10:24",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "2004-0031",
               tags: [
                  "vendor-advisory",
                  "x_refsource_TRUSTIX",
               ],
               url: "http://www.trustix.net/errata/2004/0031/",
            },
            {
               name: "oval:org.mitre.oval:def:11458",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458",
            },
            {
               name: "MDKSA-2004:054",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
            },
            {
               name: "RHSA-2004:342",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2004-342.html",
            },
            {
               name: "RHSA-2004:245",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2004-245.html",
            },
            {
               name: "GLSA-200406-05",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-200406-05.xml",
            },
            {
               name: "20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=108567431823750&w=2",
            },
            {
               name: "RHSA-2004:405",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2004-405.html",
            },
            {
               name: "SSRT4788",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=109215056218824&w=2",
            },
            {
               name: "20040605-01-U",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SGI",
               ],
               url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
            },
            {
               name: "RHSA-2005:816",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2005-816.html",
            },
            {
               name: "SSRT4777",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
            },
            {
               name: "20040517 mod_ssl ssl_util_uuencode_binary potential problem",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
            },
            {
               name: "10355",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/10355",
            },
            {
               name: "DSA-532",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2004/dsa-532",
            },
            {
               name: "FLSA:1888",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://bugzilla.fedora.us/show_bug.cgi?id=1888",
            },
            {
               name: "MDKSA-2004:055",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
            },
            {
               name: "apache-modssl-uuencode-bo(16214)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
            },
            {
               name: "20040601 TSSA-2004-008 - apache",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=108619129727620&w=2",
            },
            {
               name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
            },
            {
               name: "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-0488",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "2004-0031",
                     refsource: "TRUSTIX",
                     url: "http://www.trustix.net/errata/2004/0031/",
                  },
                  {
                     name: "oval:org.mitre.oval:def:11458",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458",
                  },
                  {
                     name: "MDKSA-2004:054",
                     refsource: "MANDRAKE",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
                  },
                  {
                     name: "RHSA-2004:342",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2004-342.html",
                  },
                  {
                     name: "RHSA-2004:245",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2004-245.html",
                  },
                  {
                     name: "GLSA-200406-05",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-200406-05.xml",
                  },
                  {
                     name: "20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=108567431823750&w=2",
                  },
                  {
                     name: "RHSA-2004:405",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2004-405.html",
                  },
                  {
                     name: "SSRT4788",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=109215056218824&w=2",
                  },
                  {
                     name: "20040605-01-U",
                     refsource: "SGI",
                     url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
                  },
                  {
                     name: "RHSA-2005:816",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2005-816.html",
                  },
                  {
                     name: "SSRT4777",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=109181600614477&w=2",
                  },
                  {
                     name: "20040517 mod_ssl ssl_util_uuencode_binary potential problem",
                     refsource: "FULLDISC",
                     url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
                  },
                  {
                     name: "10355",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/10355",
                  },
                  {
                     name: "DSA-532",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2004/dsa-532",
                  },
                  {
                     name: "FLSA:1888",
                     refsource: "FEDORA",
                     url: "https://bugzilla.fedora.us/show_bug.cgi?id=1888",
                  },
                  {
                     name: "MDKSA-2004:055",
                     refsource: "MANDRAKE",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
                  },
                  {
                     name: "apache-modssl-uuencode-bo(16214)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
                  },
                  {
                     name: "20040601 TSSA-2004-008 - apache",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=108619129727620&w=2",
                  },
                  {
                     name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E",
                  },
                  {
                     name: "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2004-0488",
      datePublished: "2004-05-28T04:00:00",
      dateReserved: "2004-05-24T00:00:00",
      dateUpdated: "2024-08-08T00:17:15.134Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted