Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2002-126: apache Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the apache packages

Detailed Explanation for this Vulnerability Test

The Apache Web server contains a security vulnerability which can be used
to launch a denial of service (DoS) attack or, in some cases, allow remote
code execution.

Versions of the Apache Web server up to and including 1.3.24 contain a bug
in the routines which deal with requests using "chunked" encoding.
A carefully crafted invalid request can cause an Apache child process to
call the memcpy() function in a way that will write past the end of its
buffer, corrupting the stack. On some platforms this can be remotely
exploited -- allowing arbitrary code to be run on the server.

The Common Vulnerabilities and Exposures project ( has
assigned the name CVE-2002-0392 to this issue.

All users of Apache should update to these errata packages to correct this
security issue.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.