CVE-2004-0700 – mod_proxy hook format string
https://notcve.org/view.php?id=CVE-2004-0700
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. Vulnerabilidad de cadena de formateo en la función ssl_log en ssl_engine_log.c en mod_ssl 2.8.10 de Apache 1.3.31 puede permitir a atacantes remotos ejecutar mensajes de su elección mediante especificadores de cadena de formato en ciertos mensajes de registro de HTTPS. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 http://marc.info/?l=apache-modssl&m=109001100906749&w=2 http://marc.info/?l=bugtraq&m=109005001205991&w=2 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://virulent.siyahsapka.org http://www.debian.org/security/2004/dsa-532 http://www.kb.cert.org/vuls/id/303448 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 http://www.osvdb.org/7929 http://www.redhat. •
CVE-2002-1157
https://notcve.org/view.php?id=CVE-2002-1157
Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840. Vulnerabilidad de scripts en sitios cruzados en el módulo de Apache mod_ssl 2.8.9 y anteriores, cuando UseCanonicalName está desactivado y DNS comodín está activado, permite a atacantes remotos ejecutar scripts como otros visitantes del sitio web, mediante el nombre del servidor en una respuesta HTTPS en el puerto SSL, usado en una URL que se referencia a sí misma. Es una vulnerabilidad distinta de CAN-2002-0840. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541 http://online.securityfocus.com/archive/1/296753 http://www.debian.org/security/2002/dsa-181 http://www.iss.net/security_center/static/10457.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php http://www.linuxsecurity.com/advisories/other_advisory-2512.html http://www.osvdb.org/2107 http://www.redhat.com/support/errata/RHSA- •
CVE-2002-0653 – Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0653
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. • https://www.exploit-db.com/exploits/21575 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-031.0.txt http://archives.neohapsis.com/archives/bugtraq/2002-06/0350.html http://archives.neohapsis.com/archives/hp/2002-q3/0018.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000504 http://marc.info/?l=bugtraq&m=102513970919836&w=2 http://marc.info/?l=bugtraq&m=102563469326072&w=2 http://marc.info/?l=vuln-dev&m=102477330617604&w=2 http://rhn. • CWE-193: Off-by-one Error •
CVE-2002-0082 – Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0082
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session. El código de mod_ssl dbm y shm cache anteriores a 2.8.7-1.3.23 y Apache-SSL anteriores a 1.3.22 1.46 no inicializa adecuadamente la memoria usando la función i2d_SSL_SESSION, lo que permite a atacantes remotos usar un desbordamiento de buffer para ejecutar código arbitrario mediante un certificado de cliente largo firmado por una Autoricad Certificadora (CA) larga, lo que produce una sesión serializada larga. • https://www.exploit-db.com/exploits/47080 https://www.exploit-db.com/exploits/21671 https://www.exploit-db.com/exploits/764 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000465 http://ftp.support.compaq.com/patches/.new/html/SSRT0817.shtml http://marc.info/?l=bugtraq&m=101518491916936&w=2 http://marc.info/?l=bugtraq&m=101528358424306&w=2 http://online.securityfocus.com/archive/1/258646 http://packetstormsecurity.com/files/153567/Apache-mod_ssl-OpenSSL-Remote •