CVE-2004-0940
published 2005-02-09CVE-2004-0940: Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | 1.3 – 1.3.32 | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| openpkg | openpkg | — | — |
| openpkg | openpkg | — | — |
| openpkg | openpkg | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| trustix | secure_linux | — | — |