Rapid7 Vulnerability & Exploit Database

Apache HTTPD: mod_proxy buffer overflow (CVE-2004-0492)

Back to Search

Apache HTTPD: mod_proxy buffer overflow (CVE-2004-0492)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
08/06/2004
Created
07/25/2018
Added
04/12/2012
Modified
02/13/2015

Description

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_proxy AND an attacker can get an Apache server which is configured as a proxy to connect to a malicious site. Review your web server configuration for validation. A buffer overflow was found in the Apache proxy module, mod_proxy, which can be triggered by receiving an invalid Content-Length header. In order to exploit this issue an attacker would need to get an Apache installation that was configured as a proxy to connect to a malicious site. This would cause the Apache child processing the request to crash, although this does not represent a significant Denial of Service attack as requests will continue to be handled by other Apache child processes. This issue may lead to remote arbitrary code execution on some BSD platforms.

Solution(s)

  • apache-httpd-upgrade-1_3_32

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;