Vulnerability CVE-2002-0392 - CERT Civis.Net

Vulnerability Name:

CVE-2002-0392 (CCN-9249)

Assigned:

2002-06-17

Published:

2002-06-17

Updated:

2021-07-15

Summary:

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CALDERA
Type: Broken Link
CSSA-2002-029.0

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-029.0
Apache Web Server Chunk Handling Vulnerability

Source: CALDERA
Type: Broken Link
CSSA-2002-SCO.32

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-SCO.32
OpenServer 5.0.5 OpenServer 5.0.6 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error

Source: CALDERA
Type: Broken Link
CSSA-2002-SCO.31

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-SCO.31
UnixWare 7.1.1 Open UNIX 8.0.0 : Apache Web Server Chunk Handling Vulnerability / mod_ssl off-by-one error

Source: CCN
Type: SGI Security Advisory 20020605-01-A
Apache Web Server Chunk Handling vulnerability

Source: SGI
Type: Broken Link
20020605-01-A

Source: SGI
Type: Broken Link
20020605-01-I

Source: BUGTRAQ
Type: Broken Link
20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)

Source: BUGTRAQ
Type: Broken Link
20020621 [slackware-security] new apache/mod_ssl packages available

Source: CCN
Type: BugTraq Mailing List, Wed Sep 13 2006 - 12:16:43 CDT
[security bulletin] HPSBMA02149 SSRT050968 rev.1 - HP OpenView Operations, Remote Unauthorized Access and Denial of Service (DoS)

Source: CCN
Type: Internet Security Systems Security Advisory, June 17, 2002
Remote Compromise Vulnerability in Apache HTTP Server

Source: CCN
Type: Internet Security Systems Security Alert, June 19, 2002
Apache HTTP Server Exploit in Circulation

Source: MITRE
Type: CNA
CVE-2002-0392

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:498
Chunk transfer encoding vulnerability

Source: CONECTIVA
Type: Broken Link
CLSA-2002:498

Source: MANDRAKE
Type: Broken Link
MDKSA-2002:039

Source: CCN
Type: Apache HTTP Server Project Web site
Apache HTTPD Project - The Apache HTTPD Server Project

Source: CCN
Type: Apache Security Bulletin June 17, 2002
Apache Web Server

Source: CONFIRM
Type: Vendor Advisory
http://httpd.apache.org/info/security_bulletin_20020617.txt

Source: CCN
Type: Apache Security Bulletin June 20, 2002
Apache Web Server

Source: HP
Type: Broken Link, Third Party Advisory, VDB Entry
HPSBTL0206-049

Source: HP
Type: Broken Link, Third Party Advisory, VDB Entry
HPSBUX0207-197

Source: BUGTRAQ
Type: Broken Link, Third Party Advisory, VDB Entry
20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known

Source: CCN
Type: Oracle Security Alert #36
Security Vulnerability for Apache HTTP Server of Oracle9iAS

Source: CCN
Type: RHSA-2002-103
Updated Apache packages fix chunked encoding issue

Source: REDHAT
Type: Broken Link
RHSA-2002:103

Source: REDHAT
Type: Broken Link
RHSA-2002:117

Source: REDHAT
Type: Broken Link
RHSA-2002:118

Source: CCN
Type: RHSA-2002-126
apache security update

Source: CCN
Type: RHSA-2002-150
apache security update for Stronghold

Source: CCN
Type: RHSA-2003-106
Updated apache and mod_ssl packages available

Source: CCN
Type: SA21917
HP OpenView Operations Apache Chunked Encoding Vulnerability

Source: SECUNIA
Type: Third Party Advisory
21917

Source: CCN
Type: CERT Advisory CA-2002-17
Apache Web Server Chunk Handling Vulnerability

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
CA-2002-17

Source: CCN
Type: CIAC Information Bulletin M-093
Apache HTTP Server Chunk Encoding Vulnerability

Source: DEBIAN
Type: Third Party Advisory
DSA-131

Source: DEBIAN
Type: Third Party Advisory
DSA-132

Source: DEBIAN
Type: Third Party Advisory
DSA-133

Source: DEBIAN
Type: DSA-131
apache -- remote DoS / exploit

Source: DEBIAN
Type: DSA-132
apache-ssl -- remote DoS / exploit

Source: DEBIAN
Type: DSA-133
apache-perl -- remote DoS / exploit

Source: FRSIRT
Type: Third Party Advisory
ADV-2006-3598

Source: XF
Type: Broken Link
apache-chunked-encoding-bo(9249)

Source: CCN
Type: US-CERT VU#944335
Apache web servers fail to handle chunks with a negative size

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#944335

Source: ENGARDE
Type: Third Party Advisory
ESA-20020619-014

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20020619-014
chunk handling overflow vulnerability

Source: CCN
Type: National Infrastructure Protection Center Advisory 02-005.1
Remote Vulnerabilities in the Apache Web Server Software

Source: CCN
Type: National Infrastructure Protection Center Advisory 02-005.1
Remote Vulnerabilities in Apache Web Server Software

Source: SUSE
Type: Broken Link
SuSE-SA:2002:022

Source: CCN
Type: OpenPKG-SA-2002.004
Apache

Source: OSVDB
Type: Broken Link
838

Source: CCN
Type: OSVDB ID: 838
Apache HTTP Server Chunked Encoding Remote Overflow

Source: REDHAT
Type: Third Party Advisory
RHSA-2002:126

Source: REDHAT
Type: Third Party Advisory
RHSA-2002:150

Source: REDHAT
Type: Third Party Advisory
RHSA-2003:106

Source: BID
Type: Third Party Advisory, VDB Entry
20005

Source: CCN
Type: BID-20005
HP OpenView Operations Denial of Service and Unauthorized Access Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
5033

Source: CCN
Type: BID-5033
Apache Chunked-Encoding Memory Corruption Vulnerability

Source: CCN
Type: slackware-security Mailing List, Wed, Jun, 26 12:03:06 PDT 2002
[slackware-security] New OpenSSH packages available

Source: CCN
Type: Trustix Secure Linux Security Advisory #2002-0056
apache

Source: HP
Type: Broken Link
SSRT050968

Source: XF
Type: UNKNOWN
apache-chunked-encoding-bo(9249)

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 1.2.2 and <= 1.3.24)

OR cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 2.0.0 and <= 2.0.36)

Configuration 2:

cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:http_server:1.3:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.2:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.0:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.19:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.9:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.12:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.20:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.23:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.17:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.14:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.11:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.24:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.22:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.18:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.1:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.13:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.15:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:1.3.16:*:*:*:*:*:*:*

AND

cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:6.4:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*

OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

OR cpe:/a:redhat:stronghold:*:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*

OR cpe:/a:oracle:application_server:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.debian:def:133	V	remote DoS / exploit	2002-06-20
oval:org.debian:def:131	V	remote DoS / exploit	2002-06-19
oval:org.debian:def:132	V	remote DoS / exploit	2002-06-19