Lucene search
MitreCVE-2004-1120HistoryJan 10, 2005 - 5:00 a.m.
CVE-2004-1120
2005-01-1005:00:00
mitre
web.nvd.nist.gov
33
buffer overflow
network protocol
prozilla
remote code execution
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.011
Percentile
84.6%
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
Affected configurations
Node
prozillaprozilla_download_acceleratorMatch1.0.0
ORprozillaprozilla_download_acceleratorMatch1.3.0
ORprozillaprozilla_download_acceleratorMatch1.3.1
ORprozillaprozilla_download_acceleratorMatch1.3.2
ORprozillaprozilla_download_acceleratorMatch1.3.3
ORprozillaprozilla_download_acceleratorMatch1.3.4
ORprozillaprozilla_download_acceleratorMatch1.3.5
ORprozillaprozilla_download_acceleratorMatch1.3.5.1
ORprozillaprozilla_download_acceleratorMatch1.3.5.2
ORprozillaprozilla_download_acceleratorMatch1.3.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| prozilla | prozilla_download_accelerator | 1.0.0 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.0.0:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.0 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.0:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.1 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.1:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.2 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.2:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.3 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.3:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.4 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.4:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.5 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.5.1 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.1:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.5.2 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.2:*:*:*:*:*:*:* |
| prozilla | prozilla_download_accelerator | 1.3.6 | cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.6:*:*:*:*:*:*:* |
Related
nessus
nessus
openvas
openvas
Gentoo Security Advisory GLSA 200411-31 (ProZilla)
2008-09-24 00:00:00
FreeBSD Ports: prozilla
2008-09-04 00:00:00
FreeBSD Ports: prozilla
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution
2005-02-01 16:29:28
[SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution
2005-02-01 16:29:28
osv
osv
prozilla - buffer overflows
2005-02-01 00:00:00
exploitdb
exploitdb
Prozilla 1.3.6 - Remote Stack Overflow
2004-11-23 00:00:00
freebsd
freebsd
ProZilla -- server response buffer overflow vulnerabilities
2004-11-23 00:00:00
cvelist
cvelist
CVE-2004-1120
2004-12-01 05:00:00
gentoo
gentoo
ProZilla: Multiple vulnerabilities
2004-11-23 00:00:00
nvd
nvd
CVE-2004-1120
2005-01-10 05:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.011
Percentile
84.6%
Related for CVE-2004-1120