Description

This alert was generated using only banner information. It may be a false positive.

Apache does not properly calculate buffer size when processing request encoded as 'Chunked'. It's possible to exploit this flaw resulting execution of arbitrary code.

Affected Apache versions (up to 2.0.38 for Apache 2.x and up to 1.3.25 for Apache 1.x).

Remediation

Upgrade Apache to the latest version.

References

BID 5033

Apache homepage

Related Vulnerabilities

WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673)

MySQL CVE-2013-3802 Vulnerability (CVE-2013-3802)

Moodle CVE-2021-36402 Vulnerability (CVE-2021-36402)

Oracle Database Server CVE-2007-0271 Vulnerability (CVE-2007-0271)

WordPress 4.2.x Cross-Domain Flash Injection Vulnerability (4.2 - 4.2.18)

Severity

High

Classification

CVE-2002-0392 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Code Execution Missing Update