CVE-2002-0843

Apache HTTP Server < 1.3.27 and 2.x < 2.0.43 - Denial of Service and Remote Code Execution via Long Response

Title source: llm
STIX 2.1

Description

Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.

References (28)

Core 28
Core References
Vendor Advisory x_refsource_confirm
http://www.apacheweek.com/issues/02-10-04
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-188
Various Sources vendor-advisory x_refsource_conectiva
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000530
Various Sources vendor-advisory x_refsource_engarde
http://www.linuxsecurity.com/advisories/other_advisory-2414.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5996
Various Sources vendor-advisory x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=IY87070&apar=only
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://online.securityfocus.com/advisories/4617
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3263
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0229.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-187
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5887
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-195
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103376585508776&w=2
Various Sources vendor-advisory x_refsource_mandrake
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-068.php
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21425
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5995
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10281.php

Scores

EPSS 0.2142
EPSS Percentile 97.3%

Details

Status published
Products (29)
apache/http_server 1.3
apache/http_server 1.3.1
apache/http_server 1.3.3
apache/http_server 1.3.4
apache/http_server 1.3.6
apache/http_server 1.3.9
apache/http_server 1.3.11
apache/http_server 1.3.12
apache/http_server 1.3.14
apache/http_server 1.3.17
... and 19 more
Published Oct 11, 2002
Tracked Since Feb 18, 2026