CVE-2003-0993 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2003-0993
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0993

Description: mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.

CVE Status: Entry

References: XF http://xforce.iss.net/xforce/xfdb/15422 TRUSTIX http://www.trustix.org/errata/2004/0027 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 SLACKWARE http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4670 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100111 MLIST http://marc.theaimsgroup.com/?l=apache-cvs&m=107869603013722 MANDRAKE http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046 GENTOO http://security.gentoo.org/glsa/glsa-200405-22.xml CONFIRM http://www.apacheweek.com/features/security-13 http://issues.apache.org/bugzilla/show_bug.cgi?id=23850 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108437852004207&w=2 BID 9829

Return to the previous page.