Apache Chunked-Encoding Memory Corruption Vulnerability

Bugtraq ID: 5033
Class: Boundary Condition Error
CVE: CVE-2002-0392
Remote: Yes
Local: No
Published: Jun 17 2002 12:00AM
Updated: Jan 11 2008 11:09PM
Credit: Discovered independently by Neel Mehta of ISS X-Force and Mark Litchfield of Next Generation Security Software.
Vulnerable: Redhat Secure Web Server 3.2 i386
Oracle Oracle HTTP Server for Apps only 1.0.2 .1s
Oracle Oracle HTTP Server 9.2 .0
Oracle Oracle HTTP Server 9.1
Oracle Oracle HTTP Server 9.0.2
Oracle Oracle HTTP Server 9.0.1
Oracle Oracle HTTP Server 8.1.7
Oracle Oracle HTTP Server 1.0.2 .2 Roll up 2
Oracle Oracle HTTP Server 1.0.2 .2
Oracle Oracle HTTP Server 1.0.2 .1
Oracle Oracle HTTP Server 1.0.2 .0
Macromedia JRun 4.0
Macromedia ColdFusion Server MX Professional
Macromedia ColdFusion Server MX Enterprise
Macromedia ColdFusion Server MX Developer
IBM HTTP Server 1.3.19
HP VirtualVault 4.6
HP VirtualVault 4.5
HP Tru64 UNIX INTERNET EXPRESS 5.9
HP Tru64 UNIX Compaq Secure Web Server 5.8.2
HP Tru64 UNIX Compaq Secure Web Server 5.8.1
HP OpenView Service Information Portal 3.0
HP OpenView Service Information Portal 2.0
HP OpenView Service Information Portal 1.0
HP OpenView Network Node Manager 6.31
HP OpenView Network Node Manager 6.10
HP OpenView Network Node Manager 6.2
HP OpenView Network Node Manager 6.1
HP INTERNET EXPRESS EAK 2.0
HP HP-UX (VVOS) 11.0 4
HP HP-UX 11.22
HP HP-UX 11.20
HP HP-UX 11.11
HP HP-UX 11.0 4
HP HP-UX 11.0
HP Compaq Secure Web Server for OpenVMS 1.2
HP Compaq Secure Web Server for OpenVMS 1.1 -1
HP Compaq Secure Web Server for OpenVMS 1.0 -1
Apache Apache 2.0.39
Apache Apache 2.0.38
Apache Apache 2.0.37
Apache Apache 2.0.36
Apache Apache 2.0.35
Apache Apache 2.0.32
Apache Apache 2.0.28
Apache Apache 2.0
Apache Apache 1.3.24
Apache Apache 1.3.24
Apache Apache 1.3.23
Apache Apache 1.3.23
Apache Apache 1.3.22
Apache Apache 1.3.22
Apache Apache 1.3.20
Apache Apache 1.3.20
Apache Apache 1.3.19
Apache Apache 1.3.19
Apache Apache 1.3.18
Apache Apache 1.3.18
Apache Apache 1.3.17
Apache Apache 1.3.17
Apache Apache 1.3.16
Apache Apache 1.3.15
Apache Apache 1.3.14 Mac
Apache Apache 1.3.14
Apache Apache 1.3.14
Apache Apache 1.3.13
Apache Apache 1.3.12
Apache Apache 1.3.12
Apache Apache 1.3.11
Apache Apache 1.3.11
Apache Apache 1.3.9
Apache Apache 1.3.4
Apache Apache 1.3.3
Apache Apache 1.3.1
Apache Apache 1.3
Apache Apache 1.2.5
Apache Apache 1.2
Apache Apache 1.1.1
Apache Apache 1.1
Apache Apache 1.0.5
Apache Apache 1.0.3
Apache Apache 1.0.2
Apache Apache 1.0
Not Vulnerable: HP Tru64 UNIX Compaq Secure Web Server 5.9.1
Apache Apache 2.0.39
Apache Apache 1.3.26
Apache Apache 1.3.26
Apache Apache 1.3.25
Apache Apache 1.3.25


 

Privacy Statement
Copyright 2010, SecurityFocus