CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

Published: Feb 9, 2005
Updated: May 9, 2024
CVE: CVE-2004-0940
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Affected Software
References

Software	From	Fixed in
openpkg / openpkg	2.0	2.0.x
openpkg / openpkg	2.1	2.1.x
openpkg / openpkg	2.2	2.2.x
slackware / slackware_linux	9.0	9.0.x
slackware / slackware_linux	8.1	8.1.x
slackware / slackware_linux	10.0	10.0.x
hp / hp-ux	11.11	11.11.x
suse / suse_linux	9.2	9.2.x
suse / suse_linux	9.0	9.0.x
slackware / slackware_linux	8.0	8.0.x
suse / suse_linux	8.2	8.2.x
slackware / slackware_linux	9.1	9.1.x
slackware / slackware_linux	current	current.x
suse / suse_linux	8.0	8.0.x
trustix / secure_linux	1.5	1.5.x
hp / hp-ux	11.00	11.00.x
hp / hp-ux	11.22	11.22.x
suse / suse_linux	9.1	9.1.x
hp / hp-ux	11.20	11.20.x
suse / suse_linux	8.1	8.1.x
apache / http_server	1.3	1.3.32.x

Vulnerability Database

289,599

CVE-2004-0940