CVE-2004-0747

 

Published at: - 20-10-2004 06:00

Last modified: - 23-09-2022 05:22

Total changes: - 5

Description

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:L/Au:N/C:P/I:P/A:P

 

Verification logic

 

Reference

• RHSA-2004:463-Third Party Advisory
• GLSA-200409-21-Third Party Advisory
• MDKSA-2004:096-Broken Link
• SUSE-SA:2004:032-Broken Link
• 2004-0047-Broken Link
• VU#481998-Third Party Advisory, US Government Resource
• 1011303-Broken Link, Third Party Advisory, VDB Entry
• 12540-Not Applicable
• http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147
• 34920-Not Applicable
• ADV-2009-1233-Permissions Required
• apache-env-configuration-bo(17384)-Third Party Advisory, VDB Entry
• oval:org.mitre.oval:def:11561-Third Party Advisory
• [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.html security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory
• [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.html security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory
• [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.html security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory
• [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.html security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210422 svn commit: r1074079 [2/3] - in /websites/staging/httpd/trunk/content: ./ apreq/ contribute/ contributors/ dev/ docs-project/ docs/ info/ mod_fcgid/ mod_ftp/ mod_mbox/ mod_smtpd/ modules/ security/ test/ test/flood/-Mailing List, Vendor Advisory
• [httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html-Mailing List, Vendor Advisory

 

Keywords

NVD

 

CVE-2004-0747

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures