HomePentest-Tools.com Logo

Apache HTTP Server 1.2.2 - 1.3.24 / 2.0 - 2.0.36 DoS Vulnerability - Windows CVE-2002-0392

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Apache HTTP Server is prone to a denial of service (DoS) vulnerability.

Risk description

There is a remotely exploitable vulnerability in the way that Apache web servers (or other web servers based on their source code) handle data encoded in chunks. This vulnerability is present by default in configurations of Apache web server. The impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on. For Apache versions 1.2.2 through 1.3.24 inclusive, this vulnerability may allow the execution of arbitrary code by remote attackers. Exploits are publicly available that claim to allow the execution of arbitrary code. For Apache versions 2.0 through 2.0.36 inclusive, the condition causing the vulnerability is correctly detected and causes the child process to exit. Depending on a variety of factors, including the threading model supported by the vulnerable system, this may lead to a denial-of-service attack against the Apache web server.

Recommendation

Update to version 1.3.26, 2.0.39 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jul 3, 2002
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available