ID CVE-2004-0493
Summary The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
References
Vulnerable Configurations
  • cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
    cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
    cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
    cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
    cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:http_server:2.0.42:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:http_server:2.0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:http_server:2.0.42.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:http_server:2.0.42.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:http_server:2.0.42.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:http_server:2.0.42.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:http_server:2.0.47:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:http_server:2.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:http_server:2.0.47.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:http_server:2.0.47.1:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:P
oval via4
accepted 2013-04-29T04:07:02.863-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
description The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
family unix
id oval:org.mitre.oval:def:10605
status accepted
submitted 2010-07-09T03:56:16-04:00
title The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
version 29
redhat via4
advisories
rhsa
id RHSA-2004:342
rpms
  • httpd-0:2.0.46-32.ent.3
  • httpd-debuginfo-0:2.0.46-32.ent.3
  • httpd-devel-0:2.0.46-32.ent.3
  • mod_ssl-1:2.0.46-32.ent.3
refmap via4
bid 10619
bugtraq 20040629 TSSA-2004-012 - apache
confirm http://www.apacheweek.com/features/security-20
fulldisc 20040628 DoS in apache httpd 2.0.49, yet still apache much better than windows
gentoo GLSA-200407-03
hp SSRT4777
mandrake MDKSA-2004:064
misc http://www.guninski.com/httpd1.html
mlist
  • [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
trustix 2004-0039
xf apache-apgetmimeheaderscore-dos(16524)
statements via4
contributor Mark J Cox
lastmodified 2008-07-02
organization Apache
statement Fixed in Apache HTTP Server 2.0.50: http://httpd.apache.org/security/vulnerabilities_20.html
Last major update 11-10-2017 - 01:29
Published 06-08-2004 - 04:00
Last modified 11-10-2017 - 01:29
Back to Top