ID CVE-2004-1765
Summary Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
References
Vulnerable Configurations
  • cpe:2.3:a:mod_security:mod_security:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:mod_security:mod_security:1.7.4:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 9885
bugtraq 20040316 ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow
cert-vn VU#779438
confirm http://www.modsecurity.org/
misc http://www.s-quadra.com/advisories/Adv-20040315.txt
secunia 11138
xf mod-security-offbyone-bo(15489)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Back to Top