What is CVE-2004-0488?

CVE-2004-0488 is a vulnerability in N/a. Published 2004-05-28.

Is CVE-2004-0488 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0488

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a…

EPSS: 0.627 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

2004-0031 (vendor-advisory, x_refsource_TRUSTIX)
oval:org.mitre.oval:def:11458 (signature, x_refsource_OVAL, vdb-entry)
MDKSA-2004:054 (vendor-advisory, x_refsource_MANDRAKE)
RHSA-2004:342 (x_refsource_REDHAT, vendor-advisory)
RHSA-2004:245 (x_refsource_REDHAT, vendor-advisory)
GLSA-200406-05 (vendor-advisory, x_refsource_GENTOO)
20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) (mailing-list, x_refsource_BUGTRAQ)
RHSA-2004:405 (x_refsource_REDHAT, vendor-advisory)
SSRT4788 (x_refsource_HP, vendor-advisory)
RHSA-2005:816 (x_refsource_REDHAT, vendor-advisory)

Frequently asked questions

What is CVE-2004-0488?: CVE-2004-0488 is a vulnerability in N/a. Published 2004-05-28.
Is CVE-2004-0488 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.