CVE-2004-0700
Summary
| CVE | CVE-2004-0700 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-07-27 04:00:00 UTC |
| Updated | 2017-07-11 01:30:00 UTC |
| Description | Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Gentoo | Linux | 1.4 | All | All | All |
| Operating System | Gentoo | Linux | 1.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.3.11 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.10 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.7 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.8 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.9 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.5.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.5.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.7.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.7.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.1.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.10 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.12 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.14 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.15 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.16 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.17 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.18 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.7 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.8 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.9 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.3.11 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.10 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.7 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.8 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.4.9 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.5.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.5.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.6.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.7.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.7.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.0 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.1.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.10 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.12 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.14 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.15 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.16 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.17 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.18 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.3 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.4 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5.1 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.5.2 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.6 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.7 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.8 | All | All | All |
| Application | Mod Ssl | Mod Ssl | 2.8.9 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Files ≈ Packet Storm | MISC | packetstormsecurity.org | |
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| usn/usn-177-1 - Ubuntu Linux | UBUNTU | www.ubuntu.com | |
| virulent.siyahsapka.org | MISC | virulent.siyahsapka.org | |
| MDKSA-2004:075 | MANDRAKE | www.mandrakesecure.net | |
| Apache 'mod_ssl' Log Function Format String Vulnerability | BID | www.securityfocus.com | |
| Home - Conectiva | CONECTIVA | distro.conectiva.com.br | |
| 7929 | OSVDB | www.osvdb.org | |
| '[ANNOUNCE] mod_ssl 2.8.19 for Apache 1.3.31' - MARC | MLIST | marc.info | |
| '[OpenPKG-SA-2004.032] OpenPKG Security Advisory (apache)' - MARC | BUGTRAQ | marc.info | |
| US-CERT Vulnerability Note VU#303448 | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| FLSA:1888 | FEDORA | bugzilla.fedora.us | |
| Debian -- Security Information -- DSA-532-2 libapache-mod-ssl | DEBIAN | www.debian.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.