CVE-2004-0110
published 2004-03-15CVE-2004-0110: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
24.23%
97.6th percentile
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libxml2 | < libxml2 2.6.6-1 (bookworm) | libxml2 2.6.6-1 (bookworm) |
| sgi | propack | — | — |
| sgi | propack | — | — |
| xmlsoft | libxml | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | — | — |
| xmlsoft | libxml2 | >= 0 < 2.6.6-1 | 2.6.6-1 |
| xmlsoft | libxml2 | >= 0 < 2.6.6-1 | 2.6.6-1 |
| xmlsoft | libxml2 | >= 0 < 2.6.6-1 | 2.6.6-1 |
| xmlsoft | libxml2 | >= 0 < 2.6.6-1 | 2.6.6-1 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rvch-8g97-9qch: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2
ghsa_unreviewed·2022-04-29
CVE-2004-0110 [HIGH] GHSA-rvch-8g97-9qch: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
OSV
CVE-2004-0110: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2
osv·2004-03-15·CVSS 7.5
CVE-2004-0110 [HIGH] CVE-2004-0110: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Red Hat
libxml2 long URL causes SEGV
vendor_redhat·2004-02-12·CVSS 7.5
CVE-2004-0110 [HIGH] libxml2 long URL causes SEGV
libxml2 long URL causes SEGV
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Debian
CVE-2004-0110: libxml2 - Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (...
vendor_debian·2004·CVSS 7.5
CVE-2004-0110 [HIGH] CVE-2004-0110: libxml2 - Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (...
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Scope: local
bookworm: resolved (fixed in 2.6.6-1)
bullseye: resolved (fixed in 2.6.6-1)
forky: resolved (fixed in 2.6.6-1)
sid: resolved (fixed in 2.6.6-1)
trixie: resolved (fixed in 2.6.6-1)
No detection rules found.
Bugzilla
CVE-2004-0110 libxml2 long URL causes SEGV
bugzilla·2008-01-29·CVSS 7.5
CVE-2004-0110 [HIGH] CVE-2004-0110 libxml2 long URL causes SEGV
CVE-2004-0110 libxml2 long URL causes SEGV
Common Vulnerabilities and Exposures assigned an identifier CVE-2004-0110 to the following vulnerability:
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
References:
http://www.xmlsoft.org/news.html
http://www.debian.org/security/2004/dsa-455
http://security.gentoo.org/glsa/glsa-200403-01.xml
http://rhn.redhat.com/errata/RHSA-2004-090.html
http://www.redhat.com/support/errata/RHSA-2004-091.html
http://marc.theaimsgroup.com/?l=bugtraq&m=107851606605420&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=107860178228804&w=2
http://www.redhat.com/support/errata/RHSA-2004-650.html
http://www.novell.com/linux/security/advisories/2
Bugzilla
CAN-2004-0110 multiple buffer overflows (CAN-2004-0989)
bugzilla·2004-11-12
[MEDIUM] CAN-2004-0110 multiple buffer overflows (CAN-2004-0989)
CAN-2004-0110 multiple buffer overflows (CAN-2004-0989)
We missed these buffer overflows in libxml, which we fixed in libxml2.
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989
These issues also affect FC2
Discussion:
Fixed with release 2.6.15 (and 2.6.16-3 yesterday),
Daniel
---
Right, this issue is for libxml-1.8.17 though, not libxml2.
---
To clarify this (I've confused a few people).
We ship libxml2 and libxml1. We applied these fixes to libxml2 and released
updates.
We did not apply these to libxml1.
---
Testing comment.
---
The same fix for 139090 applies directly to FC2 and FC3 version
of libxml, as a result I pushed:
- libxml-1_8_17-10_1_2 to dist-fc2-updates-candidate
- libxml-1_8_17-12 t
http://marc.info/?l=bugtraq&m=107851606605420&w=2http://marc.info/?l=bugtraq&m=107860178228804&w=2http://rhn.redhat.com/errata/RHSA-2004-090.htmlhttp://secunia.com/advisories/10958/http://security.gentoo.org/glsa/glsa-200403-01.xmlhttp://www.ciac.org/ciac/bulletins/o-086.shtmlhttp://www.debian.org/security/2004/dsa-455http://www.kb.cert.org/vuls/id/493966http://www.novell.com/linux/security/advisories/2005_01_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2004-091.htmlhttp://www.redhat.com/support/errata/RHSA-2004-650.htmlhttp://www.securityfocus.com/bid/9718http://www.xmlsoft.org/news.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/15301https://exchange.xforce.ibmcloud.com/vulnerabilities/15302https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875http://marc.info/?l=bugtraq&m=107851606605420&w=2http://marc.info/?l=bugtraq&m=107860178228804&w=2http://rhn.redhat.com/errata/RHSA-2004-090.htmlhttp://secunia.com/advisories/10958/http://security.gentoo.org/glsa/glsa-200403-01.xmlhttp://www.ciac.org/ciac/bulletins/o-086.shtmlhttp://www.debian.org/security/2004/dsa-455http://www.kb.cert.org/vuls/id/493966http://www.novell.com/linux/security/advisories/2005_01_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2004-091.htmlhttp://www.redhat.com/support/errata/RHSA-2004-650.htmlhttp://www.securityfocus.com/bid/9718http://www.xmlsoft.org/news.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/15301https://exchange.xforce.ibmcloud.com/vulnerabilities/15302https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875
2004-03-15
Published