Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability

Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability

References:

Apache 1.3.x ChangeLog (Apache Software Foundation)
Apache 1.3.x Latest Release Information Page (Apache Software Foundation)
Apache Homepage (Apache Software Foundation)
Buffer overflow in apache mod_proxy,yet still apache much better than windows (Georgi Guninski)
CAN-2004-0492 mod_proxy security issue (Apache Software Foundation)
HPSBUX01098 ApacheStrong remote Denial of Service or arbitrary code execution (HP)
HPSBUX01113 Apache 1.3 on VirtualVault potential remote Denial of Service (DoS) (HP)
OpenBSD Errata Page (OpenBSD)
Possible security exposure for configurations using mod_proxy in IBM HTTP Server (IBM)
RHSA-2004:245-14 (RedHat)
Sun Alert ID: 57628 (Sun)

Privacy Statement
Copyright 2010, SecurityFocus