CVE-2002-0843 Information

Description

Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27 and Apache 2.x before 2.0.43 allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I http://archives.neohapsis.com/archives/bugtraq/2002-10/0229.html http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530 http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000530 http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 http://marc.info/?l=bugtraq&m=103376585508776&w=2 http://online.securityfocus.com/advisories/4617 http://secunia.com/advisories/21425 http://www.apacheweek.com/issues/02-10-04 http://www.debian.org/security/2002/dsa-187 http://www.debian.org/security/2002/dsa-188 http://www.debian.org/security/2002/dsa-195 http://www.iss.net/security_center/static/10281.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-068.php http://www.linuxsecurity.com/advisories/other_advisory-2414.html http://www.securityfocus.com/bid/5887 http://www.securityfocus.com/bid/5995 http://www.securityfocus.com/bid/5996 http://www.vupen.com/english/advisories/2006/3263 http://www-1.ibm.com/support/search.wss?rs=0&q=IY87070&apar=only http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2871