{"vuid":"VU#541310","idnumber":"541310","name":"Apache HTTP Server contains a buffer overflow in the mod_proxy module","keywords":["Apache","mod_proxy","DoS","denial of service","content-length header","negative value","buffer overflow"],"overview":"Apache Web Server contains a buffer overflow vulnerability in the mod_proxy module that may allow a remote attacker to execute arbitrary code or launch a denial of service (DoS) attack.","clean_desc":"The Apache Server is an open-source web server offered by The Apache Software Foundation. The Apache Server uses the mod_proxy module to implement proxying for various common protocols such as FTP and HTTP. In versions of Apache prior to and including 1.3.31-r2, the mod_proxy module contains a buffer overflow vulnerability located in the file proxy_util.c. To exploit this vulnerability an attacker must persuade an Apache server with mod_proxy enabled to connect to a malicious server configured to return an invalid content-length header.","impact":"A remote attacker may be able to execute arbitrary code with the privileges of an Apache child process. Exploitation of this vulnerability may completely disable the Apache server resulting in a denial-of-service condition.","resolution":"Upgrade Apache. Apache states this issue was fixed in Apache httpd 1.3.32-dev.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by Georgi Guninski.","author":"This document was written by Jeff Gennari.","public":["http://www.guninski.com/modproxy1.html","http://secunia.com/advisories/11841/","http://www-1.ibm.com/support/docview.wss?rs=177&context=SSEQTJ&uid=swg21173021"],"cveids":["CVE-2004-0492"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-06-10T17:15:17Z","publicdate":"2004-06-10T00:00:00Z","datefirstpublished":"2004-10-19T17:55:37Z","dateupdated":"2004-10-19T17:55:43Z","revision":108,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"13","cam_population":"10","cam_impact":"5","cam_easeofexploitation":"9","cam_attackeraccessrequired":"17","cam_scorecurrent":"4.01625","cam_scorecurrentwidelyknown":"4.7334375","cam_scorecurrentwidelyknownexploited":"7.6021875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.01625,"vulnote":null}