CVE-2004-0700

Published Jul 27, 2004
Last updated 7 years ago
CVSS info 7.5
Overview

Description: Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.3.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B29D8AB-D664-4AF1-8967-03572ECBBA38"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E78D69A6-3F25-4048-8739-E8A064C5614D"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0229B381-1AD6-4AEC-8B94-0D2AF77DC60A"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E257E1DB-C60A-4BD4-9FE9-F3D784D30BEB"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FC3770C-D06D-496D-8F28-9A4036B498E6"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC894E0F-1CC9-43BF-8E83-673034BB0211"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABA6F650-DDBD-4A93-A4AF-73A07F362BBA"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3234A39B-79B9-4A41-A72F-8FD1477E21C4"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4A08F3D-CAB6-4F10-B7E3-6580FB2A6CA0"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B9C8865-9A18-4507-B9E3-48F4F19C18EA"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F57A822D-E474-49B1-A262-BDA9829ED2CB"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "049AADD4-CBBB-4CA3-8105-D3D94649C6BD"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67FCB442-61F5-42B3-849D-70638627B7CC"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F910BD4-B1C5-458B-9540-8F9E32C1FC7A"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DC707E0-4F4D-45C2-86C4-F6764668FDB2"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61731D0A-2C38-4C2A-8FC0-0634D7EFA0E4"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92D81C48-613B-4021-95A9-F049CDC63E23"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D73CD68-2C38-4FE8-9ABE-5558E7BF135B"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1B98B05-AEE6-4753-B3F3-8B09DE91985B"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3061E09-41FD-4477-B8DA-AA019F63C5F2"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F810E15C-61CF-40D0-9F40-12B1A65F8EAE"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BDE0520-8E51-4DFF-8CA2-5EF32281DD15"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB888875-1AFC-4569-B783-CDE92B717882"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD6F68B8-B03D-43F9-BD40-1C30829597A6"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C39E94EF-FEF4-41CA-BCD5-F3273D40D0F0"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5778FC41-73B9-46E8-8A75-1BB09D36D081"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08A7DE9F-3088-445E-A09A-FC8E155C4E95"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3906A1FB-3105-4248-B9D2-B915AEF90E9A"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1DB98C0-A15B-4186-8DAC-D906ABBEC2F7"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15B615EC-D5AF-4C62-AF0A-453F7FD11DAD"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A56EBBAA-30C7-4872-9966-F2DA78FC4AC9"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77AC8014-D4BE-498B-A684-D2C2AA9CDB41"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50211658-1959-4E97-9FF5-6ABAF3B98C36"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFC67365-5E6C-4BA2-B50F-5D6A6B3E7E72"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A320B10-6961-4A6F-BE8E-B4C1E90C0291"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6535C201-61AE-4C2F-950F-D55C554DF4DD"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E038ED0-981E-4107-A0CC-59CBCF32D618"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F857736-54C2-45DF-B93C-CA8152E433A0"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01DDB4D6-07E4-4EF6-BF70-363543373003"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A691D1FB-75BB-400A-994A-CFAC2C276085"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8D44D44-51B2-479E-BC44-128B4340A93E"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAA93449-5248-45FB-AD18-F407BADBC500"
          },
          {
            "criteria": "cpe:2.3:a:mod_ssl:mod_ssl:2.8.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D680A59D-4BA8-4F9B-95E5-49F15B6A1388"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
