|
|
Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
|
Bugtraq ID:
|
10508
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
CAN-2004-0492
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 10 2004 12:00AM
|
|
Updated:
|
Jun 10 2004 12:00AM
|
|
Credit:
|
Discovery is credited to Georgi Guninski.
|
|
Vulnerable:
|
Trustix Secure Linux 1.5
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
SGI ProPack 2.4
RedHat Linux 7.3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD -current
IBM HTTP Server 1.3.28
IBM HTTP Server 1.3.26 .2
IBM HTTP Server 1.3.26 .1
IBM HTTP Server 1.3.26
HP Webproxy 2.1
+
HP HP-UX 11.0 4
HP Webproxy 2.0
+
HP HP-UX 11.0 4
HP Webproxy A.02.10
+
HP HP-UX B.11.04
HP Webproxy A.02.00
+
HP HP-UX B.11.04
HP VirtualVault 11.0.4
HP VirtualVault A.04.70
+
HP HP-UX B.11.04
HP VirtualVault A.04.60
+
HP HP-UX B.11.04
HP VirtualVault A.04.50
+
HP HP-UX B.11.04
HP HP-UX (VVOS) 11.0 4
HP HP-UX 11.22
HP HP-UX 11.20
HP HP-UX 11.11
HP HP-UX 11.0
HP HP-UX B.11.22
HP HP-UX B.11.11
HP HP-UX B.11.00
Apache Software Foundation Apache 1.3.32
+
Gentoo Linux 1.4
+
Gentoo Linux
Apache Software Foundation Apache 1.3.31
+
OpenPKG OpenPKG Current
Apache Software Foundation Apache 1.3.29
+
Apple Mac OS X 10.3.5
+
Apple Mac OS X 10.2.7
+
Apple Mac OS X Server 10.3.5
+
Apple Mac OS X Server 10.2.7
+
MandrakeSoft Linux Mandrake 10.0 AMD64
+
MandrakeSoft Linux Mandrake 10.0
+
OpenPKG OpenPKG 2.0
Apache Software Foundation Apache 1.3.28
+
Conectiva Linux 8.0
+
MandrakeSoft Linux Mandrake 9.2 amd64
+
MandrakeSoft Linux Mandrake 9.2
+
OpenBSD OpenBSD 3.4
+
OpenPKG OpenPKG 1.3
Apache Software Foundation Apache 1.3.27
+
HP HP-UX (VVOS) 11.0 4
+
HP VirtualVault 4.6
+
HP VirtualVault 4.5
+
HP Webproxy 2.0
+
Immunix Immunix OS 7+
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
+
OpenBSD OpenBSD 3.3
+
OpenPKG OpenPKG Current
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux Advanced Work Station 2.1
+
SGI IRIX 6.5.19
Apache Software Foundation Apache 1.3.26
+
Conectiva Linux 8.0
+
Conectiva Linux 7.0
+
Conectiva Linux 6.0
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
MandrakeSoft Corporate Server 2.1 x86_64
+
MandrakeSoft Corporate Server 2.1
+
MandrakeSoft Linux Mandrake 9.0
+
OpenPKG OpenPKG 1.1
+
Trustix Secure Linux 1.5
+
Trustix Secure Linux 1.2
+
Trustix Secure Linux 1.1
|
|
|
|
Not Vulnerable:
|
IBM HTTP Server 2.0.47
IBM HTTP Server 2.0.42 .2
IBM HTTP Server 2.0.42
IBM HTTP Server 1.3.19 .5
IBM HTTP Server 1.3.19 .4
IBM HTTP Server 1.3.19 .3
IBM HTTP Server 1.3.19 .2
IBM HTTP Server 1.3.19 .1
IBM HTTP Server 1.3.19
-
HP HP-UX 11.0
-
IBM AIX 4.3.3
-
Microsoft Windows NT 4.0 SP6a
-
Microsoft Windows NT 4.0 SP5
-
Microsoft Windows NT 4.0 SP4
-
RedHat Linux 7.1
-
S.u.S.E. Linux 7.1
-
Sun Solaris 7.0
-
Sun Solaris 2.6
Apache Software Foundation Apache 1.3.33
+
Apple Mac OS X 10.3.6
+
Apple Mac OS X 10.2.8
+
Apple Mac OS X Server 10.3.6
+
Apple Mac OS X Server 10.2.8
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
|
|
|
