Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2004-0747 | First vendor Publication | 2004-10-20 |
| Vendor | Cve | Last vendor Modification | 2024-02-02 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 7.8 | ||
| Base Score | 7.8 | Environmental Score | 7.8 |
| impact SubScore | 5.9 | Temporal Score | 7.8 |
| Exploitabality Sub Score | 1.8 | ||
| Attack Vector | Local | Attack Complexity | Low |
| Privileges Required | Low | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | High | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 4.6 | Attack Range | Local |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-100 | Overflow Buffers |
| CAPEC-123 | Buffer Attacks |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-131 | Incorrect Calculation of Buffer Size (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11561 | |||
| Oval ID: | oval:org.mitre.oval:def:11561 | ||
| Title: | Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. | ||
| Description: | Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2004-0747 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-05-05 | Name : HP-UX Update for Apache with PHP HPSBUX01090 File : nvt/gb_hp_ux_HPSBUX01090.nasl |
| 2009-05-02 | Name : Apache Web Server Configuration File Environment Variable Local Buffer Overfl... File : nvt/apache_cve_2004_0747.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-21 (apache) File : nvt/glsa_200409_21.nasl |
| 2008-09-04 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache5.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 9991 | Apache HTTP Server ap_resolve_env Environment Variable Local Overflow Apache HTTP Server and IBM HTTP Server contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when function ap_resolve_env() in server/util.c expands environment variable constructs from configuration files such as .htaccess or httpd.conf. For an attacker to exploit the flaw they would need to carefully craft malicious configuration files and have write access to the legitimate copies. This flaw may lead to a loss of confidentiality. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2009-04-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4d49f4ba071f11d9b45d000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
| 2004-12-02 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd20041202.nasl - Type : ACT_GATHER_INFO |
| 2004-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-313.nasl - Type : ACT_GATHER_INFO |
| 2004-09-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200409-21.nasl - Type : ACT_GATHER_INFO |
| 2004-09-16 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_0_51.nasl - Type : ACT_GATHER_INFO |
| 2004-09-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-096.nasl - Type : ACT_GATHER_INFO |
| 2004-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-463.nasl - Type : ACT_GATHER_INFO |
| 2004-09-15 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_032.nasl - Type : ACT_GATHER_INFO |
| 2004-07-06 | Name : The remote host is using an unsupported version of Mac OS X. File : macosx_version.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 17:28:16 |
|
| 2024-02-02 01:02:36 |
|
| 2024-02-01 12:01:32 |
|
| 2023-11-07 21:48:09 |
|
| 2023-09-05 12:02:28 |
|
| 2023-09-05 01:01:24 |
|
| 2023-09-02 12:02:30 |
|
| 2023-09-02 01:01:24 |
|
| 2023-08-12 12:03:01 |
|
| 2023-08-12 01:01:24 |
|
| 2023-08-11 12:02:36 |
|
| 2023-08-11 01:01:25 |
|
| 2023-08-06 12:02:24 |
|
| 2023-08-06 01:01:25 |
|
| 2023-08-04 12:02:28 |
|
| 2023-08-04 01:01:25 |
|
| 2023-07-14 12:02:26 |
|
| 2023-07-14 01:01:25 |
|
| 2023-03-29 01:02:28 |
|
| 2023-03-28 12:01:30 |
|
| 2022-10-11 12:02:11 |
|
| 2022-10-11 01:01:18 |
|
| 2022-09-23 21:27:40 |
|
| 2021-06-06 17:23:04 |
|
| 2021-05-04 12:02:42 |
|
| 2021-04-22 21:23:05 |
|
| 2021-04-22 01:02:53 |
|
| 2021-03-30 17:22:46 |
|
| 2020-05-23 00:15:51 |
|
| 2019-08-27 12:01:25 |
|
| 2017-10-11 09:23:22 |
|
| 2017-07-11 12:01:29 |
|
| 2016-04-26 12:52:48 |
|
| 2014-02-17 10:27:53 |
|
| 2013-05-11 11:42:37 |
|
