Apache – CVE-2004-0488


Kayran has detected that the Version of Apache HTTP Server being used has the FakeBasicAuth overflow vulnerability.
CVE-2004-0488 is categorized as an ‘Out-of-bounds Write’ vulnerability (CWE-787).
That means that the software writes data past the end, or before the beginning, of the intended buffer.

Typically, this can result in the corruption of data, crashes, or code executions.

A Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA.
That, may allow remote attackers to execute arbitrary codes by using a client’s certificate that has a long subject DN.
That, will lead to information being disclosed.

There’s a chance that this vulnerability will allow attackers to modify system files and information. Also, it will cause a decrease in performance and interruptions in the availability of resources.


To fix CVE-2004-0488, upgrade the version of Apache HTTP Server being used to 2.0.50.




< Return to all Vulnerabilities

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »