GEN:SID 1:1808
Message WEB-MISC apache chunked encoding memory corruption exploit attempt
Summary An attacker is using exploit code for the Apache chunked encoding
vulnerability against your web server.
Impact If successful, this exploit can allow attackers to cause code of their
choice to run on your server or cause
a denial of service.
Detailed Information Older versions of the Apache HTTP server suffered from a bug in the
routines that handled chunked encoding.
This exploit takes advantage of this vulnerability.
Affected Systems Version of Apache 1.3 up to and including 1.3.24 and versions of Apache
2.0 up to 2.0.36. All versions of Apache 1.2 are vulnerable.   Although
this vulnerability is present in all ports of Apache, the exploit code
detected by this signature appears to only work against systems running
BSD.
Attack Scenarios An attacker can take advantage of a widely available exploit script to compromise the server.
Ease of Attack Simple. Exploit scripts are available.
Corrective Action Ensure that you are running a version of Apache newer than those listed
in the "affected systems" section.
Additional References Apache http server project
http://httpd.apache.org/info/security_bulletin_20020620.txt
Rule References bugtraq: 5033
cve: 2002-0392