CVE-2004-0488
published 2004-07-07CVE-2004-0488: Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 2.0.35 < 2.0.50 | 2.0.50 |
| debian | apache2 | < apache2 2.0.50-1 (bookworm) | apache2 2.0.50-1 (bookworm) |
| debian | debian_linux | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH