Oval Definition:oval:org.mitre.oval:def:100112
Revision Date:2008-11-24Version:17
Title:Apache mod_proxy Content-Length Header Buffer Overflow
Description:Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0492
Platform(s):Sun Solaris 8
Sun Solaris 9
Product(s):Apache httpd
Definition Synopsis
  • Applicable version of Solaris is running
  • Solaris 8 (SPARC) meets Sun Alert ID 101555 criteria.
  • Solaris 8 Installed
  • AND Installed architecture is sparc
  • AND NOT Patch 116973-02 or later installed
  • OR Solaris 8 (x86) meets Sun Alert ID 101555 criteria.
  • Solaris 8 Installed
  • AND ix86 architecture
  • AND NOT Patch 116974-02 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert ID 101555 criteria.
  • Solaris 9 Installed
  • AND Installed architecture is sparc
  • AND NOT Patch 113146-05 or later installed
  • OR Solaris 9 (x86) meets Sun Alert ID 101555 criteria.
  • Solaris 9 Installed
  • AND ix86 architecture
  • AND NOT Patch 114145-04 or later installed
  • AND Apache running (httpd)
    • BACK