VYPR
Unrated severityNVD Advisory· Published Aug 6, 2004· Updated Jun 16, 2026

CVE-2004-0492

CVE-2004-0492

Description

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
    • (no CPE)range: 1.3.25 - 1.3.31
  • cpe:2.3:a:hp:virtualvault:11.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:webproxy:2.1:*:*:*:*:*:*:*
  • IBM/HTTP Server4 versions
    cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:http_server:1.3.26.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:http_server:1.3.26.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:http_server:1.3.28:*:*:*:*:*:*:*
  • cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*
  • OpenBSD/OpenBSD3 versions
    cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
    • cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
    • cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

24

News mentions

0

No linked articles in our index yet.