Description

This alert was generated using only banner information. It may be a false positive.

Apache does not properly calculate buffer size when processing request encoded as 'Chunked'. It's possible to exploit this flaw resulting execution of arbitrary code.

Affected Apache versions (up to 2.0.38 for Apache 2.x and up to 1.3.25 for Apache 1.x).

Remediation

Upgrade Apache to the latest version.

References

BID 5033

Apache homepage

Related Vulnerabilities

MediaWiki CVE-2022-28205 Vulnerability (CVE-2022-28205)

WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)

WordPress Plugin Ninja Announcements Lite 'ninja_annc.php' SQL Injection (1.2.3)

Oracle JRE CVE-2022-21271 Vulnerability (CVE-2022-21271)

Oracle Database Server CVE-2014-6563 Vulnerability (CVE-2014-6563)

Severity

High

Classification

CVE-2002-0392 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Code Execution Missing Update