CVE-2002-0653
HIGHModssl Mod SSL < 2.8.9 - Buffer Overflow
Title source: ruleDescription
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Frank DENIS · textdosmultiple
https://www.exploit-db.com/exploits/21575
References (18)
Scores
CVSS v3
7.8
EPSS
0.0102
EPSS Percentile
76.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-193
Status
draft
Affected Products (1)
modssl/mod_ssl
< 2.8.9
Timeline
Published
Jul 11, 2002
Tracked Since
Feb 18, 2026