Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2004-0700

Back to Search

SUSE Linux Security Vulnerability: CVE-2004-0700

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
07/27/2004
Created
07/25/2018
Added
12/12/2013
Modified
07/04/2017

Description

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

Solution(s)

  • suse-upgrade-mod_ssl

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;