CVE-2004-0700

N/A Unknown

Published: July 27, 2004 Modified: April 16, 2026

Description

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857

Source: cve@mitre.org

http://marc.info/?l=apache-modssl&m=109001100906749&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109005001205991&w=2

Source: cve@mitre.org

http://packetstormsecurity.org/0407-advisories/modsslFormat.txt

Source: cve@mitre.org

http://virulent.siyahsapka.org/

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-532

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/303448

Source: cve@mitre.org

Third Party Advisory US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075

Source: cve@mitre.org

http://www.osvdb.org/7929

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-405.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-408.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/10736

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-177-1

Source: cve@mitre.org

https://bugzilla.fedora.us/show_bug.cgi?id=1888

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16705

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=apache-modssl&m=109001100906749&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=109005001205991&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://packetstormsecurity.org/0407-advisories/modsslFormat.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://virulent.siyahsapka.org/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2004/dsa-532

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/303448

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory US Government Resource

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/7929

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-405.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-408.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/10736

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-177-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.fedora.us/show_bug.cgi?id=1888

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/16705

Source: af854a3a-2127-422b-91ae-364da2661108

30 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

31.7%

97th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

mod_ssl gentoo