Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for stronghold by redhat

    VAR-200407-0075

    Vulnerability from variot - Updated: 2025-04-03 21:45

    Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. mod_ssl Is httpd.conf In SSLOptions Is a directive option FakeBasicAuth If enabled, a buffer overflow vulnerability exists.SSL Is enabled Apache HTTP Server Service disruption at (DoS) It may be in a state. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. Oracle has released a Critical Patch Update to address these issues in various supported applications and platforms. Other non-supported versions may be affected, but Symantec has not confirmed this. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. This BID will be divided and updated into separate BIDs when more information is available. A stack-based buffer overflow has been reported in the Apache 'mod_ssl' module. This issue is exposed in utility code for uuencoding binary data. This issue would most likely result in a denial of service if triggered, but could theoretically allow arbitrary code to run. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, but this may not be the case with other architectures. Mod_SSL is the SSL implementation on the Apache server, used to provide encryption support for the Apache web server. A remote attacker can use the ssl_engine_kernel.c module that uses this function to conduct a denial of service attack or execute arbitrary instructions in the WEB process

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200407-0075",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.0.50"
          },
          {
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.0.35"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "trustix",
            "version": "2.1"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "trustix",
            "version": "1.5"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "apache",
            "version": "2.0.49"
          },
          {
            "model": "mod ssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "modssl",
            "version": "2.8.17"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "1.1"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.1"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "model": "cobalt raq550",
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "6.5"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "7"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "8"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.04"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.22"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "model": "oneworld xe/erp8 applications sp22",
            "scope": null,
            "trust": 0.3,
            "vendor": "peoplesoft",
            "version": null
          },
          {
            "model": "enterpriseone applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "peoplesoft",
            "version": "8.93"
          },
          {
            "model": "enterpriseone applications sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "peoplesoft",
            "version": "8.9"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "oracle9i application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "oracle9i application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.2"
          },
          {
            "model": "oracle8i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4"
          },
          {
            "model": "oracle8i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4.0"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.0"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.0"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.9"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.8"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.7"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.6"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.5"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.4"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.3"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.2"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.1"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5"
          },
          {
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0"
          },
          {
            "model": "collaboration suite release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.4.2"
          },
          {
            "model": "collaboration suite release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.4.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.49"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.35"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.12"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.9"
          },
          {
            "model": "stronghold",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0"
          },
          {
            "model": "-current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": "hp-ux b.11.22",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.5"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "9.1"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "linux mandrake amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "9.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.28"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.39"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.7"
          },
          {
            "model": "linux mandrake amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.32"
          },
          {
            "model": "-dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.7"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.1"
          },
          {
            "model": "webproxy a.02.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tinysofa",
            "version": "1.0"
          },
          {
            "model": "compaq secure web server for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.22"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.9"
          },
          {
            "model": "virtualvault a.04.70",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.8"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.43"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.47"
          },
          {
            "model": "linux mandrake ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "9.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.20"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.26"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.25"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.37"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.14"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.11"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.4"
          },
          {
            "model": "network proxy (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3-1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "9.2"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "linux i686",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3-2"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.48"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.45"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.12"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.38"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.10"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2-2"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "virtualvault a.04.50",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.46"
          },
          {
            "model": "compaq secure web server for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.3"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.44"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.24"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.28"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.40"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.4"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.16"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.23"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3"
          },
          {
            "model": "webproxy a.02.10",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "compaq secure web server for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "virtualvault a.04.60",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.19"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.18"
          },
          {
            "model": "compaq secure web server for openvms php",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "enterprise server -u1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tinysofa",
            "version": "1.0"
          },
          {
            "model": "a9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.27"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "network proxy (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3)4.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.8"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.42"
          },
          {
            "model": "apache",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.50"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.28"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.3"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.36"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.41"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.29"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.6"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.0"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.17"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.0"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.31"
          },
          {
            "model": "mod ssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mod ssl",
            "version": "2.8.15"
          },
          {
            "model": "propack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "2.4"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:apache:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:mod_ssl:mod_ssl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_550",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Georgi Guninski\u203b guninski@guninski.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0488",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2004-0488",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-8918",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2004-0488",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2004-0488",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200407-016",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-8918",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. mod_ssl Is httpd.conf In SSLOptions Is a directive option FakeBasicAuth If enabled, a buffer overflow vulnerability exists.SSL Is enabled Apache HTTP Server Service disruption at (DoS) It may be in a state. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. \nOracle has released a Critical Patch Update to address these issues in various supported applications and platforms. Other non-supported versions may be affected, but Symantec has not confirmed this. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. \nThis BID will be divided and updated into separate BIDs when more information is available. A stack-based buffer overflow has been reported in the Apache \u0027mod_ssl\u0027 module. \nThis issue is exposed in utility code for uuencoding binary data. \nThis issue would most likely result in a denial of service if triggered, but could theoretically allow  arbitrary code to run. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, but this may not be the case with other architectures. Mod_SSL is the SSL implementation on the Apache server, used to provide encryption support for the Apache web server. A remote attacker can use the ssl_engine_kernel.c module that uses this function to conduct a denial of service attack or execute arbitrary instructions in the WEB process",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          },
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2004-0488",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "10355",
            "trust": 2.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "13139",
            "trust": 0.3
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-87504",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-8918",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "id": "VAR-200407-0075",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-04-03T21:45:56.599000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "2.0 CHANGES",
            "trust": 0.8,
            "url": "http://www.apache.org/dist/httpd/CHANGES_2.0"
          },
          {
            "title": "HPSBUX01068",
            "trust": 0.8,
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01068"
          },
          {
            "title": "HPSBUX01064",
            "trust": 0.8,
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01064"
          },
          {
            "title": "HPSBUX01068",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01068.html"
          },
          {
            "title": "HPSBUX01064",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01064.html"
          },
          {
            "title": "mod_ssl",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/data/mod_ssl.html"
          },
          {
            "title": "httpd",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/data/httpd.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.modssl.org/"
          },
          {
            "title": "RHSA-2004:245",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2004-245.html"
          },
          {
            "title": "RHSA-2004:342",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2004-342.html"
          },
          {
            "title": "550 Apache and Openssl Security Update 0.0.1",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng"
          },
          {
            "title": "TLSA-2006-32",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2006/TLSA-2006-32.txt"
          },
          {
            "title": "RHSA-2004:245",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-245J.html"
          },
          {
            "title": "RHSA-2004:342",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-342J.html"
          },
          {
            "title": "TLSA-2006-32",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-32j.txt"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/10355"
          },
          {
            "trust": 2.0,
            "url": "http://rhn.redhat.com/errata/rhsa-2004-245.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2004/dsa-532"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1888"
          },
          {
            "trust": 1.7,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/021610.html"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200406-05.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:054"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:055"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11458"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2004-342.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2004-405.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2005-816.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.trustix.net/errata/2004/0031/"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214"
          },
          {
            "trust": 1.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=109215056218824\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=108619129727620\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=108567431823750\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-u.asc"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0488"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0488"
          },
          {
            "trust": 0.6,
            "url": "httpd.apache.org%3e"
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs."
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/index.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.peoplesoft.com:80/corp/en/support/security_index.jsp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/395699"
          },
          {
            "trust": 0.3,
            "url": "http://httpd.apache.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.modssl.org"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2004-342.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2004-405.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2005-816.html"
          },
          {
            "trust": 0.3,
            "url": "http://www4.itrc.hp.com/service/cki/docdisplay.do?admit=-938907319+1097930936036+28353475\u0026docid=hpsbov01083"
          },
          {
            "trust": 0.3,
            "url": "http://www.tinysofa.org/support/errata/2004/008.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=19466"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=108567431823750\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=108619129727620\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=109181600614477\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=109215056218824\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs.httpd.apache.org%3e"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-07-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "date": "2005-04-12T00:00:00",
            "db": "BID",
            "id": "13139"
          },
          {
            "date": "2004-05-17T00:00:00",
            "db": "BID",
            "id": "10355"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "date": "2003-07-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "date": "2004-07-07T04:00:00",
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-8918"
          },
          {
            "date": "2006-05-05T23:30:00",
            "db": "BID",
            "id": "13139"
          },
          {
            "date": "2008-07-01T00:40:00",
            "db": "BID",
            "id": "10355"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          },
          {
            "date": "2022-09-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2004-0488"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "13139"
          },
          {
            "db": "BID",
            "id": "10355"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apache HTTP Server of  mod_ssl Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000199"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200407-016"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200402-0070

    Vulnerability from variot - Updated: 2025-04-03 19:33

    mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. Patches have been released for the Apache mod_digest module to include digest replay protection. The module reportedly did not adequately verify client-supplied nonces against the server issued nonce. This could permit a remote attacker to replay the response of another website or section of the same website under some circumstances. It should be noted that this issue does not exist in mod_auth_digest module. Apache is a popular WEB server program. A remote attacker could exploit this vulnerability to forge responses from other sites. This vulnerability only occurs when the username and password of the user on the fake station and the server are the same, and the actual name is also the same, but this situation is relatively rare

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200402-0070",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "9.0"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "8.0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "openbsd",
            "version": "3.5"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "openbsd",
            "version": "3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ibm",
            "version": "1.3.19"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "avaya",
            "version": "2.0.1"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "avaya",
            "version": "1.3.1"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.3"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.11"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.12"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.23"
          },
          {
            "model": "network routing",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "avaya",
            "version": "*"
          },
          {
            "model": "apache mod digest apple",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "*"
          },
          {
            "model": "modular messaging message storage server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "modular messaging message storage server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "openserver",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sco",
            "version": "5.0.6"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.24"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.26"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.18"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.22"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.6"
          },
          {
            "model": "virtualvault",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "4.6"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.25"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.27"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.29"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.7"
          },
          {
            "model": "virtualvault",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "4.7"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "current"
          },
          {
            "model": "openserver",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sco",
            "version": "5.0.7"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.20"
          },
          {
            "model": "sunos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "5.8"
          },
          {
            "model": "mn100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "avaya",
            "version": "*"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.19"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.17"
          },
          {
            "model": "virtualvault",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "4.5"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.9"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.14"
          },
          {
            "model": "webproxy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "a.02.10"
          },
          {
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "avaya",
            "version": "*"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.28"
          },
          {
            "model": "webproxy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "a.02.00"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "9"
          },
          {
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "open server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "5.0.7"
          },
          {
            "model": "open server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "5.0.6"
          },
          {
            "model": "stronghold",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "-current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": "webproxy a.02.10",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "webproxy a.02.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "virtualvault a.04.70",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "virtualvault a.04.60",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "virtualvault a.04.50",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "network routing",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "modular messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "modular messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "mn100",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "mod digest apple",
            "scope": null,
            "trust": 0.3,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.29"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.28"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.27"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.26"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.25"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.24"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.23"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.22"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.20"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.19"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.18"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.17"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.14"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.12"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.11"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.9"
          },
          {
            "model": "-dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.7"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.6"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.4"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.3"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.1"
          },
          {
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3"
          },
          {
            "model": "posadis",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "posadis",
            "version": "1.3.31"
          },
          {
            "model": "apache",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.31"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "9571"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dirk-Willem van Gulik\nOpenPKG\u203b openpkg@openpkg.org",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-1082",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2004-1082",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9512",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2004-1082",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200402-019",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9512",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. Patches have been released for the Apache mod_digest module to include digest replay protection.  The module reportedly did not adequately verify client-supplied nonces against the server issued nonce.  This could permit a remote attacker to replay the response of another website or section of the same website under some circumstances. \nIt should be noted that this issue does not exist in mod_auth_digest module. Apache is a popular WEB server program. A remote attacker could exploit this vulnerability to forge responses from other sites. This vulnerability only occurs when the username and password of the user on the fake station and the server are the same, and the actual name is also the same, but this situation is relatively rare",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          },
          {
            "db": "BID",
            "id": "9571"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          }
        ],
        "trust": 1.26
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "9571",
            "trust": 2.0
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1012414",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "18347",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2004-12-02",
            "trust": 0.6
          },
          {
            "db": "CIAC",
            "id": "P-049",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-9512",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "db": "BID",
            "id": "9571"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "id": "VAR-200402-0070",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-04-03T19:33:55.576000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2004/dec/msg00000.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/9571"
          },
          {
            "trust": 1.7,
            "url": "http://www.ciac.org/ciac/bulletins/p-049.shtml"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/alerts/2004/dec/1012414.html"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18347"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/18347"
          },
          {
            "trust": 0.3,
            "url": "http://www.mail-archive.com/dev@httpd.apache.org/msg19005.html"
          },
          {
            "trust": 0.3,
            "url": "http://httpd.apache.org/"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2005-010_rhsa-2004-600.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2004-600.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2005-816.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "db": "BID",
            "id": "9571"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "db": "BID",
            "id": "9571"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-02-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "date": "2004-02-03T00:00:00",
            "db": "BID",
            "id": "9571"
          },
          {
            "date": "2003-07-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "date": "2004-02-03T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9512"
          },
          {
            "date": "2009-07-12T02:06:00",
            "db": "BID",
            "id": "9571"
          },
          {
            "date": "2006-08-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2004-1082"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apache mod_digest Customer supply Nonce Confirmation vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access verification error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200402-019"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2009-1349 (GCVE-0-2009-1349)

    Vulnerability from nvd – Published: 2009-04-21 15:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/34606 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/502799/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.160Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34606",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34606"
              },
              {
                "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "34606",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34606"
            },
            {
              "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1349",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34606",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34606"
                },
                {
                  "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1349",
        "datePublished": "2009-04-21T15:00:00.000Z",
        "dateReserved": "2009-04-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0868 (GCVE-0-2001-0868)

    Vulnerability from nvd – Published: 2001-11-28 05:00 – Updated: 2024-08-08 04:37
    VLAI
    Summary
    Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:37:06.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3577"
              },
              {
                "name": "apache-strongholdstatus-info-disclosure(51951)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
              },
              {
                "name": "stronghold-webserver-obtain-information(7582)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
              },
              {
                "name": "apache-strongholdinfo-info-disclosure(51950)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
              },
              {
                "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3577"
            },
            {
              "name": "apache-strongholdstatus-info-disclosure(51951)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
            },
            {
              "name": "stronghold-webserver-obtain-information(7582)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
            },
            {
              "name": "apache-strongholdinfo-info-disclosure(51950)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
            },
            {
              "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0868",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3577"
                },
                {
                  "name": "apache-strongholdstatus-info-disclosure(51951)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
                },
                {
                  "name": "stronghold-webserver-obtain-information(7582)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
                },
                {
                  "name": "apache-strongholdinfo-info-disclosure(51950)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
                },
                {
                  "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0868",
        "datePublished": "2001-11-28T05:00:00.000Z",
        "dateReserved": "2001-11-23T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:37:06.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1349 (GCVE-0-2009-1349)

    Vulnerability from cvelistv5 – Published: 2009-04-21 15:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/34606 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/502799/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.160Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34606",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34606"
              },
              {
                "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "34606",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34606"
            },
            {
              "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1349",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34606",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34606"
                },
                {
                  "name": "20090418 Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502799/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1349",
        "datePublished": "2009-04-21T15:00:00.000Z",
        "dateReserved": "2009-04-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0868 (GCVE-0-2001-0868)

    Vulnerability from cvelistv5 – Published: 2001-11-28 05:00 – Updated: 2024-08-08 04:37
    VLAI
    Summary
    Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:37:06.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3577"
              },
              {
                "name": "apache-strongholdstatus-info-disclosure(51951)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
              },
              {
                "name": "stronghold-webserver-obtain-information(7582)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
              },
              {
                "name": "apache-strongholdinfo-info-disclosure(51950)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
              },
              {
                "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3577"
            },
            {
              "name": "apache-strongholdstatus-info-disclosure(51951)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
            },
            {
              "name": "stronghold-webserver-obtain-information(7582)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
            },
            {
              "name": "apache-strongholdinfo-info-disclosure(51950)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
            },
            {
              "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0868",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3577"
                },
                {
                  "name": "apache-strongholdstatus-info-disclosure(51951)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51951"
                },
                {
                  "name": "stronghold-webserver-obtain-information(7582)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7582"
                },
                {
                  "name": "apache-strongholdinfo-info-disclosure(51950)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51950"
                },
                {
                  "name": "20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=100654958131854\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0868",
        "datePublished": "2001-11-28T05:00:00.000Z",
        "dateReserved": "2001-11-23T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:37:06.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }