| VID | 22018 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The Apache web server, according to its banner, is vulnerable to a heap buffer overflow in its handling of chunked transfer encoding. Successful exploitation may lead to modified Web content, denial of service, or further compromise. The Apache web server is maintained by the Apache Software Foundation and is an extremely popular open-source Web server. Affected Apache web servers may be susceptible to a heap buffer overflow in the routine that calculates the size of "chunked" encoding. Chunked encoding is a process by which a client sends a request body as a sequence of variable-sized "chunks", announcing each chunk's size in a hexadecimal header line before transferring it, so that the Web server can allocate or fill a buffer of the correct size. The flaw is a software error that misinterprets the size of an incoming chunk: a crafted chunk-size value passes the server's length check and is then used as the number of bytes to read into a fixed-size buffer, which could allow a remote attacker to overflow that buffer and execute arbitrary code or cause a denial of service against the affected Web server.
* Note: This check relied solely on the banner of the remote Web server to assess this vulnerability, so it may be a false positive. Vendor builds that backport the fix often keep the original version string, and servers that suppress or rewrite the banner will not be flagged at all, so confirm by checking the installed package or patch level rather than the banner.
* References:
  http://www.cert.org/advisories/CA-2002-17.html
  http://www.kb.cert.org/vuls/id/944335
  http://httpd.apache.org/info/security_bulletin_20020617.txt
  http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20502
* Platforms Affected:
  Web servers based on Apache code versions 1.3 through 1.3.24
  Web servers based on Apache code versions 2.0 through 2.0.36
  All versions of IBM HTTP Server (IHS) up to and including v1.3.19 |
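The following is an added illustration written for this entry, not Apache's code and not a reproduction of the actual patch. It models the bug class the description refers to: a chunk-size line parsed into a signed `long` and compared against a signed `int` buffer size, so a size that wraps negative "wins" the minimum comparison and would reach the copy as an enormous `size_t`. Beside it is a hardened parser that reads the size unsigned, rejects signs, prefixes and trailing junk, bounds it with an assumed server-side ceiling (`CHUNK_SIZE_MAX`, chosen for this example), and clamps to the buffer. The sample chunk-size lines in `main` are constructed for the demonstration.

```c
#include <ctype.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Illustrative model written for this entry; it is not Apache's code.
 * It isolates the bug class described above: the chunk-size field is parsed
 * into a signed long and compared against a signed int buffer size, so a
 * size that wraps negative "wins" the min() and reaches the copy as an
 * enormous size_t. The hardened variant parses unsigned, bounds the value
 * and clamps to the buffer.
 */

/* Vulnerable variant. Returns the byte count that would be handed to the
 * read/copy, or LONG_MIN if the line is not a chunk-size line at all. */
long vuln_len_to_read(const char *line, int bufsiz)
{
    char *end;
    unsigned long v = strtoul(line, &end, 16);  /* also accepts "-" and "0x" */
    long remaining;

    if (end == line)
        return LONG_MIN;
    if (*end != ';' && *end != '\r' && *end != '\n' && *end != '\0')
        return LONG_MIN;
    remaining = (long)v;                /* above LONG_MAX: becomes negative */
    /* Signed comparison: a negative remaining is "smaller" than bufsiz. */
    return (remaining > bufsiz) ? bufsiz : remaining;
}

/* What the copy routine sees: the same bits, reinterpreted as size_t. */
size_t as_copy_length(long len_to_read)
{
    return (size_t)len_to_read;         /* -16 becomes SIZE_MAX - 15 */
}

/* Hardened variant. CHUNK_SIZE_MAX is an assumed server-side ceiling. */
#define CHUNK_SIZE_MAX (1UL << 30)

/* Returns the clamped byte count (0..bufsiz), or -1 if the line is rejected:
 * no digits, a sign or prefix, trailing junk, or a size above the ceiling. */
long safe_len_to_read(const char *line, size_t bufsiz)
{
    unsigned long v = 0;
    const char *p = line;

    if (!isxdigit((unsigned char)*p))   /* rejects "", "-10", " 1a", "x1a" */
        return -1;
    for (; isxdigit((unsigned char)*p); p++) {
        unsigned long d = isdigit((unsigned char)*p)
                        ? (unsigned long)(*p - '0')
                        : (unsigned long)(tolower((unsigned char)*p) - 'a' + 10);
        if (v > (CHUNK_SIZE_MAX >> 4))  /* next digit would pass the ceiling */
            return -1;
        v = (v << 4) | d;               /* cannot wrap: v <= CHUNK_SIZE_MAX + 15 */
    }
    if (v > CHUNK_SIZE_MAX)
        return -1;
    if (*p != ';' && *p != '\r' && *p != '\n' && *p != '\0')
        return -1;                      /* only an extension or CRLF may follow */
    return (long)((v > bufsiz) ? bufsiz : v);   /* unsigned min: no sign games */
}

int main(void)
{
    /* Constructed chunk-size lines for the demonstration. */
    const char *lines[] = { "1a", "1a;ext=1", "-10", "FFFFFFFFFFFFFFF0", "zz" };
    size_t i;
    for (i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        long vl = vuln_len_to_read(lines[i], 8192);
        printf("%-18s vulnerable: %ld (copy would get %zu)  hardened: %ld\n",
               lines[i], vl, as_copy_length(vl), safe_len_to_read(lines[i], 8192));
    }
    return 0;
}
```

The exact negative value produced by the vulnerable path depends on the width of `long` on the platform (on a 32-bit `long` the oversized literal saturates instead of wrapping), but in every case it is negative, passes the `remaining > bufsiz` check, and becomes a near-`SIZE_MAX` length once it is cast for the copy. The hardened version never lets a negative or out-of-range size exist in the first place.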
| Recommendation |
For Apache HTTP Server 1.x and 2.x: Upgrade to the latest version of Apache HTTP Server (1.3.26 or later, or 2.0.39 or later), available from the Apache Software Foundation download site at http://httpd.apache.org
For IBM HTTP Server: Apply the appropriate patch for your system, as listed on the IBM support page at http://www-1.ibm.com/support/docview.wss?rs=177&context=SSEQTJ&q=&uid=swg21053487&loc=en_US&cs=utf-8&lang=en+en
For other distributions: Contact your vendor for upgrade or patch information, or see CERT Advisory CA-2002-17 at http://www.cert.org/advisories/CA-2002-17.html |
| Related URL | CVE-2002-0392 (CVE) |
| Related URL | 5033 (SecurityFocus) |
| Related URL | 9249 (ISS) |