Apache Chunked-Encoding Memory Corruption Vulnerability
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2002-0392
Date du conseil: 21 juillet 2015
Description
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000458
Trend Micro Deep Security DPI Rule Name: 1000458 - Apache Chunked-Encoding Memory Corruption Vulnerability
Affected software and version:
- Apache Software Foundation Apache 1.0
- Apache Software Foundation Apache 1.0.2
- Apache Software Foundation Apache 1.0.3
- Apache Software Foundation Apache 1.0.5
- Apache Software Foundation Apache 1.1
- Apache Software Foundation Apache 1.1.1
- Apache Software Foundation Apache 1.2
- Apache Software Foundation Apache 1.2.5