CVE Vulnerabilities

CVE-2003-0993

Published: Mar 29, 2004 | Modified: Jun 06, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 1.3 1.3
Http_server Apache 1.3.1 1.3.1
Http_server Apache 1.3.22 1.3.22
Http_server Apache 1.3.23 1.3.23
Http_server Apache 1.3.3 1.3.3
Http_server Apache 1.3.4 1.3.4
Http_server Apache 1.3.18 1.3.18
Http_server Apache 1.3.19 1.3.19
Http_server Apache 1.3.20 1.3.20
Http_server Apache 1.3.11 1.3.11
Http_server Apache 1.3.12 1.3.12
Http_server Apache 1.3.24 1.3.24
Http_server Apache 1.3.27 1.3.27
Http_server Apache 1.3.25 1.3.25
Http_server Apache 1.3.28 1.3.28
Http_server Apache 1.3.7 1.3.7
Http_server Apache 1.3.6 1.3.6
Http_server Apache 1.3.17 1.3.17
Http_server Apache 1.3.26 1.3.26
Http_server Apache 1.3.9 1.3.9
Http_server Apache 1.3.14 1.3.14
Http_server Apache 1.3.29 1.3.29
Apache Ubuntu dapper *
Apache Ubuntu edgy *
Apache Ubuntu feisty *

References