GEN:SID | 1:1808 |
Message | WEB-MISC apache chunked encoding memory corruption exploit attempt |
Summary | An attacker is using exploit code for the Apache chunked encoding vulnerability against your web server.
|
Impact | If successful, this exploit can allow attackers to cause code of their choice to run on your server or cause a denial of service.
|
Detailed Information | Older versions of the Apache HTTP server suffered from a bug in the routines that handled chunked encoding. This exploit takes advantage of this vulnerability.
|
Affected Systems | Version of Apache 1.3 up to and including 1.3.24 and versions of Apache 2.0 up to 2.0.36. All versions of Apache 1.2 are vulnerable. Although this vulnerability is present in all ports of Apache, the exploit code detected by this signature appears to only work against systems running BSD.
|
Attack Scenarios | An attacker can take advantage of a widely available exploit script to compromise the server.
|
Ease of Attack | Simple. Exploit scripts are available.
|
Corrective Action | Ensure that you are running a version of Apache newer than those listed in the "affected systems" section.
|
Additional References | Apache http server project http://httpd.apache.org/info/security_bulletin_20020620.txt
|
Rule References | bugtraq: 5033
cve: 2002-0392
|