Tenable Network Security
Solutions Products Nessus Demos Partners Online Store
Nessus
Download
Plugins
     Newest Plugins
     Obtain an activation code
     View all plugins
     Search
Documentation
Register
Buy Now
ProfessionalFeed Support
Bugs
All the Tenable Products

Apache Chunked Encoding Remote Overflow
This script is Copyright (C) 2002-2010 Tenable Network Security, Inc.

FamilyWeb Servers
Nessus Plugin ID11030 (apache_chunked_encoding.nasl)
Bugtraq ID5033
CVE IDCVE-2002-0392

Description:
Synopsis :

The remote web server is vulnerable to a remote code execution attack.

Description :

The remote Apache web server is affected by the Apache web server
chunk handling vulnerability.

If safe checks are enabled, this may be a false positive since it is
based on the version of Apache. Although unpatched Apache versions
1.2.2 and above, 1.3 through 1.3.24, and 2.0 through 2.0.36 are
affected, the remote server may be running a patched version of
Apache.

See also :

http://httpd.apache.org/info/security_bulletin_20020617.txt
http://httpd.apache.org/info/security_bulletin_20020620.txt

Solution :

Upgrade to Apache web server version 1.3.26 or 2.0.39 or newer.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
About us | Whitepapers | Training | Discussion Forums | Support Portal | Blog | RSS feeds | Contact us | Legal | Privacy

© Copyright 2002 - 2010 Tenable Network Security(R). All Rights Reserved.

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org