Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0392

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0392
Last Modified 07 Mar 2011 09:08:10
Published 03 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0392

Summary

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.

Vulnerable Systems

Application

  • Apache Http Server 1.0

  • Apache Http Server 1.0.2

  • Apache Http Server 1.0.3

  • Apache Http Server 1.0.5

  • Apache Http Server 1.1

  • Apache Http Server 1.1.1

  • Apache Http Server 1.2

  • Apache Http Server 1.2.5

  • Apache Http Server 1.3

  • Apache Http Server 1.3.1

  • Apache Http Server 1.3.11

  • Apache Http Server 1.3.12

  • Apache Http Server 1.3.13

  • Apache Http Server 1.3.14

  • Apache Http Server 1.3.15

  • Apache Http Server 1.3.16

  • Apache Http Server 1.3.17

  • Apache Http Server 1.3.18

  • Apache Http Server 1.3.19

  • Apache Http Server 1.3.20

  • Apache Http Server 1.3.22

  • Apache Http Server 1.3.23

  • Apache Http Server 1.3.24

  • Apache Http Server 1.3.3

  • Apache Http Server 1.3.4

  • Apache Http Server 1.3.9

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36


References

CERT - CA-2002-17

CERT-VN - VU#944335

HP - SSRT050968

CONFIRM - http://httpd.apache.org/info/security_bulletin_20020617.txt

BID - 5033

BID - 20005

REDHAT - RHSA-2003:106

REDHAT - RHSA-2002:150

REDHAT - RHSA-2002:126

OSVDB - 838

SUSE - SuSE-SA:2002:022

ENGARDE - ESA-20020619-014

XF - apache-chunked-encoding-bo(9249)

FRSIRT - ADV-2006-3598

DEBIAN - DSA-133

DEBIAN - DSA-132

DEBIAN - DSA-131

SECUNIA - 21917

REDHAT - RHSA-2002:118

REDHAT - RHSA-2002:117

REDHAT - RHSA-2002:103

BUGTRAQ - 20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known

HP - HPSBUX0207-197

HP - HPSBTL0206-049

MANDRAKE - MDKSA-2002:039

CONECTIVA - CLSA-2002:498

BUGTRAQ - 20020621 [slackware-security] new apache/mod_ssl packages available

BUGTRAQ - 20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)

SGI - 20020605-01-I

SGI - 20020605-01-A

CALDERA - CSSA-2002-SCO.31

CALDERA - CSSA-2002-SCO.32

CALDERA - CSSA-2002-029.0

HP - HPSBMA02149


Last Updated: 27 May 2016 10:47:30