Date: Tue, 18 Jun 2002 21:17:59 -0700 (PDT) From: Muhammad Faisal Rauf Danka <mfrd@attitudex.com> To: freebsd-security@freebsd.org Subject: Apache Web Server Chunk Handling Vulnerability Message-ID: <20020619041759.ECD6E2756@sitemail.everyone.net>
next in thread | raw e-mail | index | archive | help
There is a remotely exploitable vulnerability in the way that Apache web servers (or other web servers based on their source code) handle data encoded in chunks. This vulnerability is present by default in configurations of Apache web server versions 1.2.2 and above, 1.3 through 1.3.24, and versions 2.0 through 2.0.36. The impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on. Detailed CERT advisory can be found at: http://www.cert.org/advisories/CA-2002-17.html You can download the new releases from: http://www.apache.org/dist/httpd/ Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with email@yourgroup.org by Everyone.net http://www.everyone.net/?btn=tag To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020619041759.ECD6E2756>