CVE-2013-5704

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-10-2013 02:00

Last modified: - 19-10-2013 02:00

Total changes: - 11

Description

CVE-2013-5704 httpd: bypass of mod_headers rules via chunked requests

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

4.3

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=httpd-0 AND versionEndExcluding=2.2.15-45.el6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=httpd-0 AND versionEndExcluding=2.4.6-31.el7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=httpd-0 AND versionEndExcluding=2.2.26-41.ep6.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=mod_cluster-native-0 AND versionEndExcluding=1.2.9-6.Final_redhat_2.ep6.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=httpd-0 AND versionEndExcluding=2.2.26-41.ep6.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=mod_cluster-native-0 AND versionEndExcluding=1.2.9-6.Final_redhat_2.ep6.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=httpd22-0 AND versionEndExcluding=2.2.26-42.ep6.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=mod_cluster-native-0 AND versionEndExcluding=1.2.9-6.Final_redhat_2.ep6.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=httpd

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2.1

AND

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=apache-commons-collections-eap6-0 AND versionEndExcluding=3.2.1-18.redhat_7.1.ep6.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=httpd24-0 AND versionEndExcluding=2.4.6-59.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=mod_bmx-0 AND versionEndExcluding=0.9.5-7.GA.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=mod_cluster-native-0 AND versionEndExcluding=1.3.1-6.Final_redhat_2.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=Tomcat AND versionEndExcluding=7.0.59-42_patch_01.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=Tomcat AND versionEndExcluding=8.0.18-52_patch_01.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=tomcat-vault-0 AND versionEndExcluding=1.0.8-4.Final_redhat_4.1.ep7.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=apache-commons-collections-eap6-0 AND versionEndExcluding=3.2.1-18.redhat_7.1.ep6.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=httpd24-0 AND versionEndExcluding=2.4.6-59.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=mod_bmx-0 AND versionEndExcluding=0.9.5-7.GA.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=mod_cluster-native-0 AND versionEndExcluding=1.3.1-6.Final_redhat_2.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=Tomcat AND versionEndExcluding=7.0.59-42_patch_01.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=Tomcat AND versionEndExcluding=8.0.18-52_patch_01.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=tomcat-vault-0 AND versionEndExcluding=1.0.8-4.Final_redhat_4.1.ep7.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=3.0

AND

product=httpd24-httpd-0 AND versionEndExcluding=2.4.6-22.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

AND

product=httpd24-httpd-0 AND versionEndExcluding=2.4.6-22.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

AND

product=httpd24-httpd-0 AND versionEndExcluding=2.4.6-22.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

AND

product=httpd24-httpd-0 AND versionEndExcluding=2.4.6-22.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

AND

product=httpd24-httpd-0 AND versionEndExcluding=2.4.6-25.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

AND

product=httpd AND version=

vendor=Red Hat Enterprise Linux AND product=directory_server AND version=8

AND

product=httpd AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=httpd AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=5

AND

product=httpd AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=6

AND

product=httpd AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

Reference

Keywords

REDHAT

CVE-2013-5704

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.