CVE-2004-0492

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Published: 2004-08-06 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2004-0492 is rated High Risk (79.4/100): CVSS Critical severity, with high exploitation likelihood (EPSS 33.64%, 98th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +9.93% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2004-0492

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 23.71% 33.64% +9.93%
2 2026-02-26 21.04% 23.71% +2.68%
3 2025-12-28 21.04%

Full EPSS history (18 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2004-0492

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2004-0492

OS Trackers for CVE-2004-0492

vendor priority summary link
redhat low https://access.redhat.com/security/cve/CVE-2004-0492
ubuntu medium CVE-2004-0492 medium priority: Ubuntu including 1 source packages (apache), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): released 3, needs-triage 1. https://ubuntu.com/security/CVE-2004-0492

Vendor comments (NVD) for CVE-2004-0492

  • Apache (2008-07-02T00:00:00)

    Fixed in Apache HTTP Server 1.3.32: http://httpd.apache.org/security/vulnerabilities_13.html

Affected software / configurations for CVE-2004-0492

Vendor Product Version Raw CPE
apache http_server 1.3.26 cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
apache http_server 1.3.27 cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
apache http_server 1.3.28 cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
apache http_server 1.3.29 cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
apache http_server 1.3.31 cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
hp virtualvault 11.0.4 cpe:2.3:a:hp:virtualvault:11.0.4:*:*:*:*:*:*:*
hp webproxy 2.0 cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*
hp webproxy 2.1 cpe:2.3:a:hp:webproxy:2.1:*:*:*:*:*:*:*
ibm http_server 1.3.26 cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*
ibm http_server 1.3.26.1 cpe:2.3:a:ibm:http_server:1.3.26.1:*:*:*:*:*:*:*
ibm http_server 1.3.26.2 cpe:2.3:a:ibm:http_server:1.3.26.2:*:*:*:*:*:*:*
ibm http_server 1.3.28 cpe:2.3:a:ibm:http_server:1.3.28:*:*:*:*:*:*:*
sgi propack 2.4 cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
hp vvos 11.04 cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*
openbsd openbsd cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
openbsd openbsd 3.4 cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
openbsd openbsd 3.5 cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*

References for CVE-2004-0492

URL Tags
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://marc.info/?l=bugtraq&m=108711172710140&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://rhn.redhat.com/errata/RHSA-2004-245.html Patch Vendor Advisory
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
http://secunia.com/advisories/11841
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
http://www.debian.org/security/2004/dsa-525 Patch Vendor Advisory
http://www.guninski.com/modproxy1.html
http://www.kb.cert.org/vuls/id/541310 US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
https://bugzilla.fedora.us/show_bug.cgi?id=1737
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
cvelogic Threat Intelligence