OVAL Repository - View Definition: oval:org.mitre.oval:def:100112

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:100112		Version: 2 Last Modified: 2008-10-18
Title:	Apache mod_proxy Content-Length Header Buffer Overflow
Description:	Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0492
Platform(s):	Sun Solaris 8 Sun Solaris 9	Product(s):	Apache httpd
Definition Synopsis:
Applicable version of Solaris is running Solaris 8 (SPARC) meets Sun Alert ID 101555 criteria. Solaris 8 Installed AND sparc architecture AND NOT Patch 116973-02 or later installed OR Solaris 8 (x86) meets Sun Alert ID 101555 criteria. Solaris 8 Installed AND ix86 architecture AND NOT Patch 116974-02 or later installed OR Solaris 9 (SPARC) meets Sun Alert ID 101555 criteria. Solaris 9 Installed AND sparc architecture AND NOT Patch 113146-05 or later installed OR Solaris 9 (x86) meets Sun Alert ID 101555 criteria. Solaris 9 Installed AND ix86 architecture AND NOT Patch 114145-04 or later installed AND Apache running (httpd)

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest