Buffer Overflow Vulnerability in ApacheBench by Apache Software Foundation
CVE-2002-0843

Currently unrated

Key Information:

Vendor: Oracle
Status: Application Server; Http Server; Oracle8i; Database Server
Vendor: CVE Published:; 11 October 2002

Summary

A buffer overflow vulnerability exists in the ApacheBench benchmark support program (ab.c), affecting Apache versions prior to 1.3.27 and 2.x before 2.0.43. This flaw allows a malicious web server to craft a long response that could lead to a denial of service condition and potentially allow arbitrary code execution. Users of vulnerable Apache versions are advised to apply security patches provided by the vendor to mitigate the risks associated with this vulnerability.

References

http://www.debian.org/security/2002/dsa-188

vendor-advisoryx_refsource_DEBIAN

http://distro.conectiva.com/atualizacoes/?id=a&anuncio=00...

vendor-advisoryx_refsource_CONECTIVA

http://marc.info/?l=apache-httpd-announce&m=1033679382304...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 11, 2002
Vulnerability Reserved
Aug 8, 2002