Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2002-0653
HistoryJul 11, 2002 - 4:00 a.m.

CVE-2002-0653

2002-07-1104:00:00
CWE-193
[email protected]
web.nvd.nist.gov
10

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.9%

JSON

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.

Affected configurations

Nvd
Node
modsslmod_sslRange2.8.9
VendorProductVersionCPE
modsslmod_ssl*cpe:2.3:a:modssl:mod_ssl:*:*:*:*:*:*:*:*

References

Related

nessus 5
osv 1
openvas 4
cve 1
cert 2
exploitdb 1
cvelist 1
suse 1
slackware 2
f5 1
nessus
nessus
Debian DSA-135-1 : libapache-mod-ssl - buffer overflow / DoS
2004-09-29 00:00:00
Apache mod_ssl ssl_compat_directive Function Overflow
2002-07-02 00:00:00
RHEL 2.1 : mod_ssl (RHSA-2002:136)
2004-07-06 00:00:00
osv
osv
libapache-mod-ssl -- buffer overflow / DoS
2002-07-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
2008-01-17 00:00:00
Apache HTTP Server 'mod_ssl' Off By One Vulnerability
2005-11-03 00:00:00
mod_ssl off by one
2005-11-03 00:00:00
cve
cve
CVE-2002-0653
2003-04-02 05:00:00
cert
cert
Buffer Overflow in mod_ssl
2003-04-17 00:00:00
Integer overflow in xdr_array() function when deserializing the XDR stream
2002-08-01 00:00:00
exploitdb
exploitdb
Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
2002-06-22 00:00:00
cvelist
cvelist
CVE-2002-0653
2003-04-02 05:00:00
suse
suse
local privilege escalation in mod_ssl, mm
2002-07-31 16:22:10
slackware
slackware
SSA-2002-0731201128
2002-07-31 20:11:28
Security updates for Slackware 8.1
2002-07-31 13:11:28
f5
f5
K000138057 : mod_ssl vulnerabilities CVE-2002-1157 and CVE-2002-0653
2023-12-27 00:00:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.9%

JSON
Related for NVD:CVE-2002-0653
nessus5osv1openvas4cve1cert2exploitdb1cvelist1suse1slackware2f51