Your submission was sent successfully! Close

CVE-2004-0700

Published: 27 July 2004

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.

Priority

Unknown

Status

Package Release Status
libapache-mod-ssl
Launchpad, Ubuntu, Debian
dapper Not vulnerable

edgy Not vulnerable

feisty Not vulnerable

gutsy Does not exist

upstream Needs triage