CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.2%
Added: 05/08/2006
CVE: CVE-2002-0392
BID: 5033
OSVDB: 838
Apache web servers support chunked encoding, which is used by a web client to send data to the server in parts, or chunks.
A flaw in the calculation of the size of chunked encoding leads to a buffer overflow, allowing remote command execution.
Upgrade to the latest version of Apache.
<http://www.cert.org/advisories/CA-2002-17.html>
Due to the nature of this vulnerability, this exploit may not always be reliable.
Windows