Apache vulnerability
Ronnie Gauthier
linux
Mon May 17 11:33:27 PDT 2004
CERT Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability
Original release date: June 17, 2002
Systems Affected
* Web servers based on Apache code versions 1.3 through 1.3.24
* Web servers based on Apache code versions 2.0 through 2.0.36
Overview
There is a remotely exploitable vulnerability in the handling of large
chunks of data in web servers that are based on Apache source code.
This vulnerability is present by default in configurations of Apache
web servers versions 1.3 through 1.3.24 and versions 2.0 through
2.0.36. The impact of this vulnerability is dependent upon the
software version and the hardware platform the server is running on.
I. Description
Apache is a popular web server that includes support for chunk-encoded
data according to the HTTP 1.1 standard as described in RFC2616. There
is a vulnerability in the handling of certain chunk-encoded HTTP
requests that may allow remote attackers to execute arbitrary code.
The Apache Software Foundation has published an advisory describing
the details of this vulnerability. This advisory is available on their
web site at
http://httpd.apache.org/info/security_bulletin_20020617.txt
II. Impact
For Apache versions 1.3 through 1.3.24 inclusive, this vulnerability
may allow the execution of arbitrary code by remote attackers. Several
sources have reported that this vulnerability can be used by intruders
to execute arbitrary code on Windows platforms. Additionally, the
Apache Software Foundation has reported that a similar attack may
allow the execution of arbitrary code on 64-bit UNIX systems.
For Apache versions 2.0 through 2.0.36 inclusive, the condition
causing the vulnerability is correctly detected and causes the child
process to exit. Depending on a variety of factors, including the
threading model supported by the vulnerable system, this may lead to a
denial-of-service attack against the Apache web server.
More information about the Linux-users
mailing list