Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability

Bugtraq ID: 11182
Class: Boundary Condition Error
CVE: CVE-2004-0747
Remote: No
Local: Yes
Published: Sep 15 2004 12:00AM
Updated: May 01 2009 12:36AM
Credit: This vulnerability was discovered by Ulf Harnhammar.
Vulnerable: Turbolinux Turbolinux Desktop 10.0
Trustix Secure Linux 2.1
Trustix Secure Linux 2.0
Trustix Secure Enterprise Linux 2.0
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux AS 3
Redhat Desktop 3.0
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
IBM HTTP Server 2.0.47 .1
IBM HTTP Server 2.0.47
IBM HTTP Server 2.0.42 .2
HP Tru64 UNIX Compaq Secure Web Server 6.3
HP Tru64 UNIX Compaq Secure Web Server 5.9.2
HP Tru64 UNIX Compaq Secure Web Server 5.9.1
HP Tru64 UNIX Compaq Secure Web Server 5.8.2
HP Tru64 UNIX Compaq Secure Web Server 5.8.1
HP Tru64 UNIX Compaq Secure Web Server 5.1 A
HP Tru64 UNIX Compaq Secure Web Server 5.1
HP Tru64 UNIX Compaq Secure Web Server 5.0 A
HP Tru64 UNIX Compaq Secure Web Server 4.0 G
HP Tru64 UNIX Compaq Secure Web Server 4.0 F
HP OpenVMS Secure Web Server 7.3 -2
HP OpenVMS Secure Web Server 7.3 -1
HP OpenVMS Secure Web Server 7.3
HP OpenVMS Secure Web Server 7.2 -2
HP HP-UX B.11.23
HP HP-UX B.11.22
HP HP-UX B.11.11
HP HP-UX B.11.00
HP Compaq Secure Web Server for OpenVMS 2.0 PHP
HP Compaq Secure Web Server for OpenVMS 2.0
HP Compaq Secure Web Server for OpenVMS 1.3
HP Compaq Secure Web Server for OpenVMS 1.2
Gentoo Linux 1.4
Computer Associates ARCserve Backup for Unix 11.5 SP3
Computer Associates ARCserve Backup for Unix 11.5 SP2
Computer Associates ARCserve Backup for Unix 11.5 GA
Computer Associates ARCServe Backup for Tru64 11.5
Computer Associates ARCServe Backup for Solaris 11.5
Computer Associates ARCserve Backup for Linux 11.5 SP3
Computer Associates ARCserve Backup for Linux 11.5 SP2
Computer Associates ARCserve Backup for Linux 11.5 SP1
Computer Associates ARCserve Backup for Linux 11.5 GA
Computer Associates ARCServe Backup for HP-UX 11.5
Computer Associates ARCServe Backup for AIX 11.5
Apache Apache 2.0.50
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Apache Apache 2.0.49
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ SuSE Linux 8.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Apache 2.0.47
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.1.5
+ Apple Mac OS X Server 10.1.4
+ Apple Mac OS X Server 10.1.3
+ Apple Mac OS X Server 10.1.2
+ Apple Mac OS X Server 10.1.1
+ Apple Mac OS X Server 10.1
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Apache Apache 2.0.46
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux WS 3
+ Trustix Secure Linux 2.0
Apache Apache 2.0.45
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
Apache Apache 2.0.44
Apache Apache 2.0.43
Apache Apache 2.0.42
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Apache 2.0.41
Apache Apache 2.0.40
+ Redhat Linux 9.0 i386
+ Redhat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Apache 2.0.39
Apache Apache 2.0.38
Apache Apache 2.0.37
Apache Apache 2.0.36
Apache Apache 2.0.35
Apache Apache 2.0.32
Apache Apache 2.0.28
Apache Apache 2.0
Not Vulnerable: HP Tru64 UNIX Compaq Secure Web Server 6.3.2 a
Apache Apache 2.0.51
+ Redhat Fedora Core2
+ Redhat Fedora Core1


 

Privacy Statement
Copyright 2010, SecurityFocus