CVE - CVE-2003-0542

CVE-ID
CVE-2003-0542	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://httpd.apache.org/dist/httpd/Announcement2.html APPLE:APPLE-SA-2004-01-26 URL:http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html HP:HPSBOV02683 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 HP:SSRT090208 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 IMMUNIX:IMNX-2003-7+-025-01 BUGTRAQ:20031028 [OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache) URL:http://www.securityfocus.com/archive/1/342674 BUGTRAQ:20031031 GLSA: apache (200310-04) URL:http://marc.info/?l=bugtraq&m=106761802305141&w=2 HP:HPSBUX0311-301 URL:http://www.securityfocus.com/advisories/6079 MANDRAKE:MDKSA-2003:103 URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103 REDHAT:RHSA-2003:320 URL:http://www.redhat.com/support/errata/RHSA-2003-320.html REDHAT:RHSA-2003:360 URL:http://www.redhat.com/support/errata/RHSA-2003-360.html REDHAT:RHSA-2003:405 URL:http://www.redhat.com/support/errata/RHSA-2003-405.html REDHAT:RHSA-2004:015 URL:http://www.redhat.com/support/errata/RHSA-2004-015.html REDHAT:RHSA-2005:816 URL:http://www.redhat.com/support/errata/RHSA-2005-816.html SCO:CSSA-2003-SCO.28 SCO:SCOSA-2004.6 URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt SGI:20031203-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc CONFIRM:http://lists.apple.com/mhonarc/security-announce/msg00045.html CONFIRM:http://docs.info.apple.com/article.html?artnum=61798 SGI:20040202-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc SUNALERT:101444 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101444-1 SUNALERT:101841 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 CERT-VN:VU#434566 URL:http://www.kb.cert.org/vuls/id/434566 CERT-VN:VU#549142 URL:http://www.kb.cert.org/vuls/id/549142 BID:8911 URL:http://www.securityfocus.com/bid/8911 BID:9504 URL:http://www.securityfocus.com/bid/9504 OVAL:oval:org.mitre.oval:def:863 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A863 OVAL:oval:org.mitre.oval:def:864 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A864 OVAL:oval:org.mitre.oval:def:3799 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3799 OVAL:oval:org.mitre.oval:def:9458 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9458 SECUNIA:10096 URL:http://secunia.com/advisories/10096 SECUNIA:10098 URL:http://secunia.com/advisories/10098 SECUNIA:10102 URL:http://secunia.com/advisories/10102 SECUNIA:10112 URL:http://secunia.com/advisories/10112 SECUNIA:10114 URL:http://secunia.com/advisories/10114 SECUNIA:10153 URL:http://secunia.com/advisories/10153 SECUNIA:10260 URL:http://secunia.com/advisories/10260 SECUNIA:10264 URL:http://secunia.com/advisories/10264 SECUNIA:10463 URL:http://secunia.com/advisories/10463 SECUNIA:10580 URL:http://secunia.com/advisories/10580 SECUNIA:10593 URL:http://secunia.com/advisories/10593 XF:apache-modalias-modrewrite-bo(13400) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13400
Assigning CNA
N/A
Date Entry Created
20030714	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20030714)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation. For more information, please contact us.