Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0843

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0843
Last Modified 07 Mar 2011 09:08:53
Published 11 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0843

Summary

Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.

Vulnerable Systems

Application

  • Apache Http Server 1.3

  • Apache Http Server 1.3.1

  • Apache Http Server 1.3.11

  • Apache Http Server 1.3.12

  • Apache Http Server 1.3.14

  • Apache Http Server 1.3.17

  • Apache Http Server 1.3.18

  • Apache Http Server 1.3.19

  • Apache Http Server 1.3.20

  • Apache Http Server 1.3.22

  • Apache Http Server 1.3.23

  • Apache Http Server 1.3.24

  • Apache Http Server 1.3.25

  • Apache Http Server 1.3.26

  • Apache Http Server 1.3.3

  • Apache Http Server 1.3.4

  • Apache Http Server 1.3.6

  • Apache Http Server 1.3.9

  • Oracle Application Server 1.0.2

  • Oracle Application Server 1.0.2.1s

  • Oracle Application Server 1.0.2.2

  • Oracle Application Server 9.0.2

  • Oracle Application Server 9.0.2.1

  • Oracle Database Server 8.1.7

  • Oracle Database Server 9.2.2

  • Oracle8i 8.1.7

  • Oracle8i 8.1.7.0.0 Enterprise

  • Oracle8i 8.1.7.1

  • Oracle8i 8.1.7.1.0 Enterprise


References

VUPEN - ADV-2006-3263

ENGARDE - ESA-20021007-024

MANDRAKE - MDKSA-2002:068

DEBIAN - DSA-195

DEBIAN - DSA-188

DEBIAN - DSA-187

CONFIRM - http://www.apacheweek.com/issues/02-10-04

HP - HPSBUX0210-224

BUGTRAQ - 20021003 [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache)

CONECTIVA - CLSA-2002:530

BUGTRAQ - 20021017 TSLSA-2002-0069-apache

SGI - 20021105-01-I

CONFIRM - http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2871

BID - 5996

BID - 5995

BID - 5887

XF - apache-apachebench-response-bo(10281)

AIXAPAR - IY87070

SECUNIA - 21425

CONFIRM - http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=103367938230488&w=2

CONECTIVA - CLA-2002:530

BUGTRAQ - 20021016 Apache 1.3.26

CONECTIVA - 000530


Last Updated: 27 May 2016 10:38:10