Apache Chunked-Encoding Memory Corruption Vulnerability
Severity: HIGH
CVE Identifier: CVE-2002-0392
Advisory Date: JUL 21, 2015
DESCRIPTION
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000458
Trend Micro Deep Security DPI Rule Name: 1000458 - Apache Chunked-Encoding Memory Corruption Vulnerability
AFFECTED SOFTWARE AND VERSION
- Apache Software Foundation Apache 1.0
- Apache Software Foundation Apache 1.0.2
- Apache Software Foundation Apache 1.0.3
- Apache Software Foundation Apache 1.0.5
- Apache Software Foundation Apache 1.1
- Apache Software Foundation Apache 1.1.1
- Apache Software Foundation Apache 1.2
- Apache Software Foundation Apache 1.2.5