CVE-2002-0392 - Vulnerability Details

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Http Server
Debian	Debian Linux
Redhat	Enterprise Linux Linux Rhel Stronghold Secure Web Server Stronghold

Configuration 1 [-]

OR	cpe:2.3:a:apache:http_server::::::::
	cpe:2.3:a:apache:http_server::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2002:126	2002-07-12T00:00:00Z
Red Hat Linux 6.2
	cpe:/o:redhat:linux:6.2	RHSA-2002:103	2002-06-19T00:00:00Z
Red Hat Linux 7.0
	cpe:/o:redhat:linux:7.0	RHSA-2002:103	2002-06-19T00:00:00Z
Red Hat Linux 7.1
	cpe:/o:redhat:linux:7.1	RHSA-2002:103	2002-06-19T00:00:00Z
	cpe:/o:redhat:linux:7.1	RHSA-2003:106	2003-04-22T00:00:00Z
Red Hat Linux 7.2
	cpe:/o:redhat:linux:7.2	RHSA-2002:103	2002-06-19T00:00:00Z
Red Hat Linux 7.3
	cpe:/o:redhat:linux:7.3	RHSA-2002:103	2002-06-19T00:00:00Z
Red Hat Secure Web Server 3.2
	cpe:/a:redhat:secure_web_server:3.2	RHSA-2002:117	2002-06-30T00:00:00Z
Red Hat Stronghold 3
	cpe:/a:redhat:stronghold:3	RHSA-2002:118	2002-06-20T00:00:00Z
Red Hat Stronghold 4
	cpe:/a:redhat:stronghold:4	RHSA-2002:118	2002-06-20T00:00:00Z
Stronghold 4 for Red Hat Enterprise Linux
	cpe:/a:redhat:rhel_stronghold:4	RHSA-2002:150	2002-07-31T00:00:00Z

References

Link	Providers
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt
ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A
ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I
http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html
http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039
http://httpd.apache.org/info/security_bulletin_20020617.txt
http://online.securityfocus.com/advisories/4240
http://online.securityfocus.com/advisories/4257
http://online.securityfocus.com/archive/1/278149
http://rhn.redhat.com/errata/RHSA-2002-103.html
http://rhn.redhat.com/errata/RHSA-2002-117.html
http://rhn.redhat.com/errata/RHSA-2002-118.html
http://secunia.com/advisories/21917
http://www.cert.org/advisories/CA-2002-17.html
http://www.debian.org/security/2002/dsa-131
http://www.debian.org/security/2002/dsa-132
http://www.debian.org/security/2002/dsa-133
http://www.frsirt.com/english/advisories/2006/3598
http://www.iss.net/security_center/static/9249.php
http://www.kb.cert.org/vuls/id/944335
http://www.linuxsecurity.com/advisories/other_advisory-2137.html
http://www.novell.com/linux/security/advisories/2002_22_apache.html
http://www.osvdb.org/838
http://www.redhat.com/support/errata/RHSA-2002-126.html
http://www.redhat.com/support/errata/RHSA-2002-150.html
http://www.redhat.com/support/errata/RHSA-2003-106.html
http://www.securityfocus.com/bid/20005
http://www.securityfocus.com/bid/5033
http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2002-0392
https://www.cve.org/CVERecord?id=CVE-2002-0392

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-02T05:00:00

Updated: 2024-08-08T02:49:28.274Z

Reserved: 2002-05-30T00:00:00

Link: CVE-2002-0392

Vulnrichment

No data.

NVD

Status : Modified

Published: 2002-07-03T04:00:00.000

Modified: 2024-11-20T23:38:58.190

Link: CVE-2002-0392

Redhat

Severity : Moderate

Publid Date: 2002-06-17T00:00:00Z

Links: CVE-2002-0392 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-06-17T00:00:00", "descriptions": [{"lang": "en", "value": "Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-06T10:09:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20020605-01-I", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"}, {"name": "RHSA-2002:150", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-150.html"}, {"name": "CSSA-2002-SCO.32", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"}, {"name": "CA-2002-17", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2002-17.html"}, {"name": "RHSA-2002:118", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2002-118.html"}, {"name": "RHSA-2003:106", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"}, {"name": "20005", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20005"}, {"name": "DSA-133", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-133"}, {"name": "SSRT050968", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "CSSA-2002-029.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"}, {"name": "CSSA-2002-SCO.31", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"}, {"name": "ESA-20020619-014", "tags": ["vendor-advisory", "x_refsource_ENGARDE"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2137.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://httpd.apache.org/info/security_bulletin_20020617.txt"}, {"name": "SuSE-SA:2002:022", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2002_22_apache.html"}, {"name": "HPSBMA02149", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "VU#944335", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/944335"}, {"name": "DSA-132", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-132"}, {"name": "HPSBTL0206-049", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://online.securityfocus.com/advisories/4240"}, {"name": "20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"}, {"name": "HPSBUX0207-197", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://online.securityfocus.com/advisories/4257"}, {"name": "838", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/838"}, {"name": "DSA-131", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-131"}, {"name": "CLSA-2002:498", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"}, {"name": "20020605-01-A", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"}, {"name": "20020621 [slackware-security] new apache/mod_ssl packages available", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"}, {"name": "20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/278149"}, {"name": "MDKSA-2002:039", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"}, {"name": "apache-chunked-encoding-bo(9249)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/9249.php"}, {"name": "RHSA-2002:126", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-126.html"}, {"name": "RHSA-2002:103", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2002-103.html"}, {"name": "ADV-2006-3598", "tags": ["third-party-advisory", "x_refsource_FRSIRT"], "url": "http://www.frsirt.com/english/advisories/2006/3598"}, {"name": "5033", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5033"}, {"name": "RHSA-2002:117", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2002-117.html"}, {"name": "21917", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21917"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0392", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20020605-01-I", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"}, {"name": "RHSA-2002:150", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-150.html"}, {"name": "CSSA-2002-SCO.32", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"}, {"name": "CA-2002-17", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2002-17.html"}, {"name": "RHSA-2002:118", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2002-118.html"}, {"name": "RHSA-2003:106", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"}, {"name": "20005", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20005"}, {"name": "DSA-133", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-133"}, {"name": "SSRT050968", "refsource": "HP", "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "CSSA-2002-029.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"}, {"name": "CSSA-2002-SCO.31", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"}, {"name": "ESA-20020619-014", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/other_advisory-2137.html"}, {"name": "http://httpd.apache.org/info/security_bulletin_20020617.txt", "refsource": "CONFIRM", "url": "http://httpd.apache.org/info/security_bulletin_20020617.txt"}, {"name": "SuSE-SA:2002:022", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_22_apache.html"}, {"name": "HPSBMA02149", "refsource": "HP", "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "VU#944335", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/944335"}, {"name": "DSA-132", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-132"}, {"name": "HPSBTL0206-049", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/4240"}, {"name": "20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"}, {"name": "HPSBUX0207-197", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/4257"}, {"name": "838", "refsource": "OSVDB", "url": "http://www.osvdb.org/838"}, {"name": "DSA-131", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-131"}, {"name": "CLSA-2002:498", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"}, {"name": "20020605-01-A", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"}, {"name": "20020621 [slackware-security] new apache/mod_ssl packages available", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"}, {"name": "20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/278149"}, {"name": "MDKSA-2002:039", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"}, {"name": "apache-chunked-encoding-bo(9249)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9249.php"}, {"name": "RHSA-2002:126", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-126.html"}, {"name": "RHSA-2002:103", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2002-103.html"}, {"name": "ADV-2006-3598", "refsource": "FRSIRT", "url": "http://www.frsirt.com/english/advisories/2006/3598"}, {"name": "5033", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5033"}, {"name": "RHSA-2002:117", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2002-117.html"}, {"name": "21917", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21917"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:49:28.274Z"}, "title": "CVE Program Container", "references": [{"name": "20020605-01-I", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"}, {"name": "RHSA-2002:150", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-150.html"}, {"name": "CSSA-2002-SCO.32", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"}, {"name": "CA-2002-17", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2002-17.html"}, {"name": "RHSA-2002:118", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2002-118.html"}, {"name": "RHSA-2003:106", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"}, {"name": "20005", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20005"}, {"name": "DSA-133", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-133"}, {"name": "SSRT050968", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "CSSA-2002-029.0", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"}, {"name": "CSSA-2002-SCO.31", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"}, {"name": "ESA-20020619-014", "tags": ["vendor-advisory", "x_refsource_ENGARDE", "x_transferred"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2137.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://httpd.apache.org/info/security_bulletin_20020617.txt"}, {"name": "SuSE-SA:2002:022", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2002_22_apache.html"}, {"name": "HPSBMA02149", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"name": "VU#944335", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/944335"}, {"name": "DSA-132", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-132"}, {"name": "HPSBTL0206-049", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://online.securityfocus.com/advisories/4240"}, {"name": "20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"}, {"name": "HPSBUX0207-197", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://online.securityfocus.com/advisories/4257"}, {"name": "838", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/838"}, {"name": "DSA-131", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-131"}, {"name": "CLSA-2002:498", "tags": ["vendor-advisory", "x_refsource_CONECTIVA", "x_transferred"], "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"}, {"name": "20020605-01-A", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"}, {"name": "20020621 [slackware-security] new apache/mod_ssl packages available", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"}, {"name": "20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/278149"}, {"name": "MDKSA-2002:039", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"}, {"name": "apache-chunked-encoding-bo(9249)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/9249.php"}, {"name": "RHSA-2002:126", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2002-126.html"}, {"name": "RHSA-2002:103", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2002-103.html"}, {"name": "ADV-2006-3598", "tags": ["third-party-advisory", "x_refsource_FRSIRT", "x_transferred"], "url": "http://www.frsirt.com/english/advisories/2006/3598"}, {"name": "5033", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/5033"}, {"name": "RHSA-2002:117", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2002-117.html"}, {"name": "21917", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21917"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0392", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-05-30T00:00:00", "dateUpdated": "2024-08-08T02:49:28.274Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1462D4-285E-44B1-91D2-D3FEFD613807", "versionEndIncluding": "1.3.24", "versionStartIncluding": "1.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CEED217-758F-4471-9F0C-8DC4B2D46CCB", "versionEndIncluding": "2.0.36", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size."}], "id": "CVE-2002-0392", "lastModified": "2024-11-20T23:38:58.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-07-03T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://httpd.apache.org/info/security_bulletin_20020617.txt"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/advisories/4240"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/advisories/4257"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/archive/1/278149"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-103.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-117.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-118.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/21917"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2002-17.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-131"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-132"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-133"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.frsirt.com/english/advisories/2006/3598"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.iss.net/security_center/static/9249.php"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/944335"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2137.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2002_22_apache.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/838"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-126.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-150.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/20005"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/5033"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://httpd.apache.org/info/security_bulletin_20020617.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/advisories/4240"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/advisories/4257"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://online.securityfocus.com/archive/1/278149"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-103.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-117.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2002-118.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/21917"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2002-17.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-131"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-132"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.frsirt.com/english/advisories/2006/3598"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.iss.net/security_center/static/9249.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/944335"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2137.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2002_22_apache.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/838"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-126.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-150.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2003-106.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/20005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/5033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Fixed in Apache HTTP Server 2.0.37 and 1.3.26:\nhttp://httpd.apache.org/security/vulnerabilities_20.html\nhttp://httpd.apache.org/security/vulnerabilities_13.html", "lastModified": "2008-07-02T00:00:00", "organization": "Apache"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2002:126", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2002-07-12T00:00:00Z"}, {"advisory": "RHSA-2002:103", "cpe": "cpe:/o:redhat:linux:6.2", "product_name": "Red Hat Linux 6.2", "release_date": "2002-06-19T00:00:00Z"}, {"advisory": "RHSA-2002:103", "cpe": "cpe:/o:redhat:linux:7.0", "product_name": "Red Hat Linux 7.0", "release_date": "2002-06-19T00:00:00Z"}, {"advisory": "RHSA-2002:103", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2002-06-19T00:00:00Z"}, {"advisory": "RHSA-2003:106", "cpe": "cpe:/o:redhat:linux:7.1", "product_name": "Red Hat Linux 7.1", "release_date": "2003-04-22T00:00:00Z"}, {"advisory": "RHSA-2002:103", "cpe": "cpe:/o:redhat:linux:7.2", "product_name": "Red Hat Linux 7.2", "release_date": "2002-06-19T00:00:00Z"}, {"advisory": "RHSA-2002:103", "cpe": "cpe:/o:redhat:linux:7.3", "product_name": "Red Hat Linux 7.3", "release_date": "2002-06-19T00:00:00Z"}, {"advisory": "RHSA-2002:117", "cpe": "cpe:/a:redhat:secure_web_server:3.2", "product_name": "Red Hat Secure Web Server 3.2", "release_date": "2002-06-30T00:00:00Z"}, {"advisory": "RHSA-2002:118", "cpe": "cpe:/a:redhat:stronghold:3", "product_name": "Red Hat Stronghold 3", "release_date": "2002-06-20T00:00:00Z"}, {"advisory": "RHSA-2002:118", "cpe": "cpe:/a:redhat:stronghold:4", "product_name": "Red Hat Stronghold 4", "release_date": "2002-06-20T00:00:00Z"}, {"advisory": "RHSA-2002:150", "cpe": "cpe:/a:redhat:rhel_stronghold:4", "product_name": "Stronghold 4 for Red Hat Enterprise Linux", "release_date": "2002-07-31T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1616772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616772"}, "csaw": false, "details": ["Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size."], "name": "CVE-2002-0392", "public_date": "2002-06-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2002-0392\nhttps://nvd.nist.gov/vuln/detail/CVE-2002-0392"], "threat_severity": "Moderate"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object