Summary
According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. This occurs because the application fails to validate user-supplied string lengths before copying them into finite process buffers.
An attacker may leverage this issue to execute arbitrary code on the affected computer with the privileges of the Apache webserver process.
Solution
The vendor has released an upgrade. Please see
http://www.apache.org/dist/httpd/Announcement2.html for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-0747 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities