Apache 'mod_ssl' Log Function Format String Vulnerability

Bugtraq ID: 10736
Class: Input Validation Error
CVE: CVE-2004-0700
Remote: Yes
Local: No
Published: Jul 16 2004 12:00AM
Updated: Jun 30 2008 11:52PM
Credit: Discovery is credited to Virulent and Ralf S. Engelschall.
Vulnerable: VMWare ESX Server 2.1.2
VMWare ESX Server 2.1.1
VMWare ESX Server 2.1
VMWare ESX Server 2.0.1 build 6403
VMWare ESX Server 2.0.1
VMWare ESX Server 2.0 build 5257
VMWare ESX Server 2.0
VMWare ESX Server 1.5.2
Redhat Network Proxy (for RHEL 4) 4.2
Redhat Network Proxy (for RHEL 3) 4.2
Redhat Linux 7.3 i686
Redhat Linux 7.3 i386
Redhat Linux 7.3
Oracle Oracle HTTP Server for Apps only 1.0.2 .1s
Oracle Oracle HTTP Server 9.2 .0
+ Apache Apache 1.3.22
Oracle Oracle HTTP Server 9.1
+ Apache Apache 1.3.12
Oracle Oracle HTTP Server 9.0.3 .1
+ Oracle Oracle9i Application Server 9.0.3 .1
Oracle Oracle HTTP Server 9.0.2 .3
+ Oracle Oracle9i Application Server 9.0.2 .3
Oracle Oracle HTTP Server 9.0.2
Oracle Oracle HTTP Server 9.0.1
Oracle Oracle HTTP Server 8.1.7
Oracle Oracle HTTP Server 1.0.2 .2 Roll up 2
Oracle Oracle HTTP Server 1.0.2 .2
Oracle Oracle HTTP Server 1.0.2 .1
Oracle Oracle HTTP Server 1.0.2 .0
Oracle HTTP Server for Server 9.2
Oracle HTTP Server for Server 9.0.1
Oracle HTTP Server for Server 8.1.7
mod_ssl mod_ssl 2.8.18
mod_ssl mod_ssl 2.8.17
mod_ssl mod_ssl 2.8.16
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
mod_ssl mod_ssl 2.8.15
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
mod_ssl mod_ssl 2.8.14
mod_ssl mod_ssl 2.8.12
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
mod_ssl mod_ssl 2.8.10
- Apache Apache 1.3.26
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Slackware Linux 8.1
mod_ssl mod_ssl 2.8.9
- Apache Apache 1.3.26
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ HP Secure OS software for Linux 1.0
+ Slackware Linux 8.1
mod_ssl mod_ssl 2.8.8
- Apache Apache 1.3.24
mod_ssl mod_ssl 2.8.7
+ Apache Apache 1.3.23
+ MandrakeSoft Multi Network Firewall 2.0
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.3
mod_ssl mod_ssl 2.8.6
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.17
+ Apache Apache 1.3.16
+ Apache Apache 1.3.15
+ Apache Apache 1.3.14 Mac
+ Apache Apache 1.3.14
+ Apache Apache 1.3.14
+ Apache Apache 1.3.13
+ Apache Apache 1.3.12
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.9
+ Apache Apache 1.3.7 -dev
+ Apache Apache 1.3.6
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
+ Compaq Compaq Secure Web Server for OpenVMS 1.2
+ Compaq Compaq Secure Web Server for OpenVMS 1.1 -1
+ Compaq Compaq Secure Web Server for OpenVMS 1.0 -1
+ Compaq Compaq Secure Web Server for Tru64 5.5.2
mod_ssl mod_ssl 2.8.5 -2
- Apache Apache 1.3.22
mod_ssl mod_ssl 2.8.5 -1
mod_ssl mod_ssl 2.8.5
mod_ssl mod_ssl 2.8.4
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.17
+ Apache Apache 1.3.16
+ Apache Apache 1.3.15
+ Apache Apache 1.3.14 Mac
+ Apache Apache 1.3.14
+ Apache Apache 1.3.14
+ Apache Apache 1.3.13
+ Apache Apache 1.3.12
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.9
+ Apache Apache 1.3.7 -dev
+ Apache Apache 1.3.6
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
+ MandrakeSoft Single Network Firewall 7.2
+ Slackware Linux 8.1
mod_ssl mod_ssl 2.8.3
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.17
+ Apache Apache 1.3.16
+ Apache Apache 1.3.15
+ Apache Apache 1.3.14 Mac
+ Apache Apache 1.3.14
+ Apache Apache 1.3.14
+ Apache Apache 1.3.13
+ Apache Apache 1.3.12
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.9
+ Apache Apache 1.3.7 -dev
+ Apache Apache 1.3.6
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
mod_ssl mod_ssl 2.8.2
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.17
+ Apache Apache 1.3.16
+ Apache Apache 1.3.15
+ Apache Apache 1.3.14 Mac
+ Apache Apache 1.3.14
+ Apache Apache 1.3.14
+ Apache Apache 1.3.13
+ Apache Apache 1.3.12
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.9
+ Apache Apache 1.3.7 -dev
+ Apache Apache 1.3.6
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
mod_ssl mod_ssl 2.8.1 -2
+ Apache Apache 1.3.19
mod_ssl mod_ssl 2.8.1
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.17
+ Apache Apache 1.3.16
+ Apache Apache 1.3.15
+ Apache Apache 1.3.14 Mac
+ Apache Apache 1.3.14
+ Apache Apache 1.3.14
+ Apache Apache 1.3.13
+ Apache Apache 1.3.12
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.9
+ Apache Apache 1.3.7 -dev
+ Apache Apache 1.3.6
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
+ Redhat Secure Web Server 3.2 i386
mod_ssl mod_ssl 2.8
mod_ssl mod_ssl 2.7.1
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.14
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
+ EnGarde Secure Linux 1.0.1
mod_ssl mod_ssl 2.7 .0
- Apache Apache 1.3.14
mod_ssl mod_ssl 2.6.6
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.6.5
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.6.4
mod_ssl mod_ssl 2.6.3
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.6.2
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.6.1
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.6 .0
+ Apache Apache 1.3.12
mod_ssl mod_ssl 2.5.1
+ Apache Apache 1.3.11
mod_ssl mod_ssl 2.5 .0
+ Apache Apache 1.3.11
mod_ssl mod_ssl 2.4.10
+ Apache Apache 1.3.22
+ Apache Apache 1.3.20
+ Apache Apache 1.3.19
+ Apache Apache 1.3.18
+ Apache Apache 1.3.17
+ Apache Apache 1.3.14
+ Apache Apache 1.3.12
+ Apache Apache 1.3.11
+ Apache Apache 1.3.9
+ Apache Apache 1.3.4
+ Apache Apache 1.3.3
+ Apache Apache 1.3.1
+ Apache Apache 1.3
+ Apache Apache 1.2.5
+ Apache Apache 1.2
mod_ssl mod_ssl 2.4.9
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.8
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.7
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.6
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.5
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.4
mod_ssl mod_ssl 2.4.3
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.2
+ Apache Apache 1.3.9
mod_ssl mod_ssl 2.4.1
mod_ssl mod_ssl 2.4 .10
+ Apache Apache 1.3.9
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
mod_ssl mod_ssl 2.4 .0
mod_ssl mod_ssl 2.3.11
+ Apache Apache 1.3.6
HP Webproxy A.02.10
+ HP HP-UX B.11.04
HP Webproxy A.02.00
HP VirtualVault A.04.70
+ HP HP-UX B.11.04
HP VirtualVault A.04.60
+ HP HP-UX B.11.04
HP VirtualVault A.04.50
+ HP HP-UX B.11.04
HP HP-UX 11.22
HP HP-UX 11.20
HP HP-UX 11.11
HP HP-UX 11.0 4
HP HP-UX 11.0
HP HP-UX B.11.22
HP HP-UX B.11.11
HP HP-UX B.11.00
Gentoo Linux 1.4
Avaya S8700 R2.0.1
Avaya S8700 R2.0.0
Avaya S8500 R2.0.1
Avaya S8500 R2.0.0
Avaya S8300 R2.0.1
Avaya S8300 R2.0.0
Avaya Converged Communications Server 2.0
Apache Apache 2.0.50
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Apache Apache 2.0.49
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Apache 2.0.47
Apache Apache 2.0.46
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux WS 3
+ Trustix Secure Linux 2.0
Apache Apache 2.0.45
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
Apache Apache 2.0.44
Apache Apache 2.0.43
Apache Apache 2.0.42
Apache Apache 2.0.41
Apache Apache 2.0.40
+ Redhat Linux 9.0 i386
+ Redhat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Apache 2.0.39
Apache Apache 2.0.38
Apache Apache 2.0.37
Apache Apache 2.0.36
Apache Apache 2.0.35
Apache Apache 2.0.32
Apache Apache 2.0.28 Beta
Apache Apache 2.0.28
Apache Apache 2.0 a9
Apache Apache 2.0
Not Vulnerable: mod_ssl mod_ssl 2.8.19
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1


 

Privacy Statement
Copyright 2010, SecurityFocus