Vulnerability Name:

CVE-2004-0493 (CCN-16524)

Assigned:2004-06-28
Published:2004-06-28
Updated:2021-06-06
Summary:The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Full-Disclosure Mailing List, Mon Jun 28 2004 - 09:48:51 CDT
DoS in apache httpd 2.0.49, yet still apache much better than windows

Source: MITRE
Type: CNA
CVE-2004-0493

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2004:868
Several vulnerabilities in apache, mod_ssl and mod_dav

Source: FULLDISC
Type: UNKNOWN
20040628 DoS in apache httpd 2.0.49, yet still apache much better than windows

Source: BUGTRAQ
Type: UNKNOWN
20040629 TSSA-2004-012 - apache

Source: HP
Type: UNKNOWN
SSRT4777

Source: CCN
Type: RHSA-2004-342
httpd security update

Source: GENTOO
Type: UNKNOWN
GLSA-200407-03

Source: CONFIRM
Type: UNKNOWN
http://www.apacheweek.com/features/security-20

Source: CCN
Type: CIAC Information Bulletin 0-169
Apache Buffer Overflow Vulnerability [REVISED 29 Jun 2004]

Source: CCN
Type: CIAC Information Bulletin O-169
Apache Buffer Overflow Vulnerability [REVISED 4 Aug 2004]

Source: CCN
Type: CIAC Information Bulletin O-212
Apple Security Update

Source: CCN
Type: GLSA-200407-03
Apache 2: Remote denial of service attack

Source: MISC
Type: UNKNOWN
http://www.guninski.com/httpd1.html

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:064

Source: REDHAT
Type: UNKNOWN
RHSA-2004:342

Source: BID
Type: Exploit, Patch, Vendor Advisory
10619

Source: CCN
Type: BID-10619
Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability

Source: CCN
Type: Trustix Secure Linux Security Advisory #2004-0039
Several security vulnerabilities patched

Source: TRUSTIX
Type: UNKNOWN
2004-0039

Source: XF
Type: UNKNOWN
apache-apgetmimeheaderscore-dos(16524)

Source: XF
Type: UNKNOWN
apache-apgetmimeheaderscore-dos(16524)

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10605

Source: SUSE
Type: SUSE-SA:2004:021
php4 / mod_php4: remote code execution

Source: CCN
Type: IBM Systems Support Web site
Support for HMC

Vulnerable Configuration:Configuration 1:
  • cpe:/h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:1.4:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.42:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.47.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.42.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.42.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:10605
    V
    		The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
    2013-04-29
    oval:com.redhat.rhsa:def:20040342
    P
    		RHSA-2004:342: httpd security update (Important)
    2004-07-06
    BACK
    avaya converged communications server 2.0
    gentoo linux 1.4
    trustix secure linux 2.1
    trustix secure linux 1.5
    trustix secure linux 2.0
    apache http server 2.0.49
    ibm http server 2.0.42
    avaya s8700 r2.0.0
    ibm http server 2.0.47
    ibm http server 2.0.47.1
    ibm http server 2.0.42.1
    ibm http server 2.0.42.2
    apache http server 2.0.47
    apache http server 2.0.48
    avaya s8300 r2.0.0
    avaya s8500 r2.0.0
    apache http server 2.0.47
    apache http server 2.0.49
    apache http server 2.0.48
    redhat linux 3.0
    hp hp-ux 11.00
    hp hp-ux 11.11
    trustix secure linux 1.5
    suse suse linux 8.0
    gentoo linux *
    suse suse linux office server *
    hp hp-ux 11.22
    suse suse linux 8.1
    suse linux enterprise server 8
    mandrakesoft mandrake linux 9.1
    suse suse linux 8.2
    conectiva linux 9.0
    trustix secure linux 2.0
    hp hp-ux 11.23
    suse suse linux 9.0
    mandrakesoft mandrake linux 9.2
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    trustix secure linux 2.1
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    conectiva linux 10
    ibm http server -
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 10.0