Test Kennung:	1.3.6.1.4.1.25623.1.0.107963
Kategorie:	Web Servers
Titel:	Apache HTTP Server 1.2.2 - 1.3.24 / 2.0 - 2.0.36 DoS Vulnerability - Linux
Zusammenfassung:	Apache HTTP Server is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Apache HTTP Server is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: There is a remotely exploitable vulnerability in the way that Apache web servers (or other web servers based on their source code) handle data encoded in chunks. This vulnerability is present by default in configurations of Apache web server. The impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on. Vulnerability Impact: For Apache versions 1.2.2 through 1.3.24 inclusive, this vulnerability may allow the execution of arbitrary code by remote attackers. Exploits are publicly available that claim to allow the execution of arbitrary code. For Apache versions 2.0 through 2.0.36 inclusive, the condition causing the vulnerability is correctly detected and causes the child process to exit. Depending on a variety of factors, including the threading model supported by the vulnerable system, this may lead to a denial-of-service attack against the Apache web server. Affected Software/OS: Apache HTTP Server version 1.2.2 and above, 1.3 through 1.3.24, and versions 2.0 through 2.0.36. Solution: Update to version 1.3.26, 2.0.39 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0392 BugTraq ID: 20005 http://www.securityfocus.com/bid/20005 BugTraq ID: 5033 http://www.securityfocus.com/bid/5033 Bugtraq: 20020617 Re: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server (Google Search) Bugtraq: 20020617 Re: Remote Compromise Vulnerability in Apache HTTP Server (Google Search) Bugtraq: 20020618 Fixed version of Apache 1.3 available (Google Search) Bugtraq: 20020619 Implications of Apache vuln for Oracle (Google Search) Bugtraq: 20020619 Remote Apache 1.3.x Exploit (Google Search) Bugtraq: 20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html Bugtraq: 20020620 Apache Exploit (Google Search) Bugtraq: 20020620 TSLSA-2002-0056 - apache (Google Search) Bugtraq: 20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known (Google Search) http://online.securityfocus.com/archive/1/278149 Bugtraq: 20020621 [slackware-security] new apache/mod_ssl packages available (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html Bugtraq: 20020622 Ending a few arguments with one simple attachment. (Google Search) Bugtraq: 20020622 blowchunks - protecting existing apache servers until upgrades arrive (Google Search) Caldera Security Advisory: CSSA-2002-029.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt Caldera Security Advisory: CSSA-2002-SCO.31 ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31 Caldera Security Advisory: CSSA-2002-SCO.32 ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32 http://www.cert.org/advisories/CA-2002-17.html CERT/CC vulnerability note: VU#944335 http://www.kb.cert.org/vuls/id/944335 COMPAQ Service Security Patch: SSRT2253 Conectiva Linux advisory: CLSA-2002:498 http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498 Debian Security Information: DSA-131 (Google Search) http://www.debian.org/security/2002/dsa-131 Debian Security Information: DSA-132 (Google Search) http://www.debian.org/security/2002/dsa-132 Debian Security Information: DSA-133 (Google Search) http://www.debian.org/security/2002/dsa-133 En Garde Linux Advisory: ESA-20020619-014 http://www.linuxsecurity.com/advisories/other_advisory-2137.html http://www.frsirt.com/english/advisories/2006/3598 HPdes Security Advisory: HPSBMA02149 http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475 HPdes Security Advisory: HPSBTL0206-049 http://online.securityfocus.com/advisories/4240 HPdes Security Advisory: HPSBUX0207-197 http://online.securityfocus.com/advisories/4257 HPdes Security Advisory: SSRT050968 ISS Security Advisory: 20020617 Remote Compromise Vulnerability in Apache HTTP Server http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E http://www.osvdb.org/838 RedHat Security Advisories: RHSA-2002:103 http://rhn.redhat.com/errata/RHSA-2002-103.html RedHat Security Advisories: RHSA-2002:117 http://rhn.redhat.com/errata/RHSA-2002-117.html RedHat Security Advisories: RHSA-2002:118 http://rhn.redhat.com/errata/RHSA-2002-118.html http://www.redhat.com/support/errata/RHSA-2002-126.html http://www.redhat.com/support/errata/RHSA-2002-150.html http://www.redhat.com/support/errata/RHSA-2003-106.html http://secunia.com/advisories/21917 SGI Security Advisory: 20020605-01-A ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A SGI Security Advisory: 20020605-01-I ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I SuSE Security Announcement: SuSE-SA:2002:022 (Google Search) http://www.novell.com/linux/security/advisories/2002_22_apache.html http://www.iss.net/security_center/static/9249.php
Copyright	Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.