Description

This alert was generated using only banner information. It may be a false positive.

Apache does not properly calculate buffer size when processing request encoded as 'Chunked'. It's possible to exploit this flaw resulting execution of arbitrary code.

Affected Apache versions (up to 2.0.38 for Apache 2.x and up to 1.3.25 for Apache 1.x).

Remediation

Upgrade Apache to the latest version.

References

BID 5033

Apache homepage

Related Vulnerabilities

WordPress Plugin Job Manager Multiple Cross-Site Scripting Vulnerabilities (0.7.18)

PHP Other Vulnerability (CVE-2007-4441)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6186)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4440)

WordPress Plugin Thrive Ultimatum Security Bypass (2.3.9.3)

Severity

High

Classification

CVE-2002-0392 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Code Execution Missing Update