CVE-2002-0392 (CNNVD-200207-041)
HIGH
有利用代码
中文标题:
Apache Web Server 安全漏洞
英文标题:
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial ...
CVSS分数:
7.5
发布时间:
2003-04-02 05:00:00
漏洞类型:
其他
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v6
漏洞描述
中文描述:
Apache Web Server是一款非常流行的开放源码、功能强大的Web服务器程序,由Apache Software Foundation开发和维护。它可以运行在多种操作系统平台下,例如Unix/Linux/BSD系统以及Windows系统。Apache在处理以分块(chunked)方式传输数据的HTTP请求时存在设计漏洞,远程攻击者可能利用此漏洞在某些Apache服务器上以Web服务器进程的权限执行任意指令或进行拒绝服务攻击。分块编码(chunked encoding)传输方式是HTTP 1.1协议中定义的Web用户向服务器提交数据的一种方法,当服务器收到chunked编码方式的数据时会分配一个缓冲区存放之,如果提交的数据大小未知,客户端会以一个协商好的分块大小向服务器提交数据。Apache服务器缺省也提供了对分块编码(chunked encoding)支持。Apache使用了一个有符号变量储存分块长度,同时分配了一个固定大小的堆栈缓冲区来储存分块数据。出于安全考虑,在将分块数据拷贝到缓冲区之前,Apache会对分块长度进行检查,如果分块长度大于缓冲区长度,Apache将最多只拷贝缓冲区长度的数据,否则,则根据分块长度进行数据拷贝。然而在进行上述检查时,没有将分块长度转换为无符号型进行比较,因此,如果攻击者将分块长度设置成一个负值,就会绕过上述安全检查,Apache会将一个超长(至少>0x80000000字节)的分块数据拷贝到缓冲区中,这会造成一个缓冲区溢出。对于1.3到1.3.24(含1.3.24)版本的Apache,现在已经证实在Win32系统下, 远程攻击者可能利用这一漏洞执行任意代码。在UNIX系统下,也已经证实至少在OpenBSD系统下可以利用这一漏洞执行代码。据报告称下列系统也可以成功的利用: * Sun Solaris 6-8 (sparc/x86) * FreeBSD 4.3-4.5 (x86) * OpenBSD 2.6-3.1 (x86) * Linux (GNU) 2.4 (x86)对于Apache 2.0到2.0.36(含2.0.36),尽管存在同样的问题代码,但它会检测错误出现的条件并使子进程退出。根据不同因素,包括受影响系统支持的线程模式的影响,本漏洞可导致各种操作系统下运行的Apache Web服务器拒绝服务。
英文描述:
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
CWE类型:
(暂无数据)
标签:
remote
windows_x86
Metasploit
OSVDB-838
multiple
Gobbles Security
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| apache | http_server | * | - | - |
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
|
| debian | debian_linux | 2.2 | - | - |
cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
20020605-01-I
vendor-advisory
cve.org
访问
cve.org
RHSA-2002:150
vendor-advisory
cve.org
访问
cve.org
CSSA-2002-SCO.32
vendor-advisory
cve.org
访问
cve.org
CA-2002-17
third-party-advisory
cve.org
访问
cve.org
RHSA-2002:118
vendor-advisory
cve.org
访问
cve.org
RHSA-2003:106
vendor-advisory
cve.org
访问
cve.org
20005
vdb-entry
cve.org
访问
cve.org
DSA-133
vendor-advisory
cve.org
访问
cve.org
SSRT050968
vendor-advisory
cve.org
访问
cve.org
CSSA-2002-029.0
vendor-advisory
cve.org
访问
cve.org
CSSA-2002-SCO.31
vendor-advisory
cve.org
访问
cve.org
ESA-20020619-014
vendor-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
SuSE-SA:2002:022
vendor-advisory
cve.org
访问
cve.org
VU#944335
third-party-advisory
cve.org
访问
cve.org
DSA-132
vendor-advisory
cve.org
访问
cve.org
HPSBTL0206-049
vendor-advisory
cve.org
访问
cve.org
20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)
mailing-list
cve.org
访问
cve.org
HPSBUX0207-197
vendor-advisory
cve.org
访问
cve.org
838
vdb-entry
cve.org
访问
cve.org
DSA-131
vendor-advisory
cve.org
访问
cve.org
CLSA-2002:498
vendor-advisory
cve.org
访问
cve.org
20020605-01-A
vendor-advisory
cve.org
访问
cve.org
20020621 [slackware-security] new apache/mod_ssl packages available
mailing-list
cve.org
访问
cve.org
20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known
mailing-list
cve.org
访问
cve.org
MDKSA-2002:039
vendor-advisory
cve.org
访问
cve.org
apache-chunked-encoding-bo(9249)
vdb-entry
cve.org
访问
cve.org
RHSA-2002:126
vendor-advisory
cve.org
访问
cve.org
RHSA-2002:103
vendor-advisory
cve.org
访问
cve.org
ADV-2006-3598
third-party-advisory
cve.org
访问
cve.org
5033
vdb-entry
cve.org
访问
cve.org
RHSA-2002:117
vendor-advisory
cve.org
访问
cve.org
21917
third-party-advisory
cve.org
访问
cve.org
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
mailing-list
cve.org
访问
cve.org
ExploitDB EDB-16782
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16782
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2002-0392
ADVISORY
cve.org
访问
cve.org
ExploitDB EDB-21559
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-21559
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-21560
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-21560
EXPLOIT
exploitdb
访问
exploitdb
CVSS评分详情
7.5
HIGH
CVSS向量:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS版本:
2.0
机密性
PARTIAL
完整性
PARTIAL
可用性
PARTIAL
时间信息
发布时间:
2003-04-02 05:00:00
修改时间:
2024-08-08 02:49:28
创建时间:
2025-11-11 15:32:15
更新时间:
2025-11-11 16:16:23
利用信息
此漏洞有可利用代码!
利用代码数量:
3
利用来源:
未知
未知
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2002-0392 |
2025-11-11 15:17:23 | 2025-11-11 07:32:15 |
| NVD | nvd_CVE-2002-0392 |
2025-11-11 14:50:27 | 2025-11-11 07:41:01 |
| CNNVD | cnnvd_CNNVD-200207-041 |
2025-11-11 15:08:41 | 2025-11-11 07:48:48 |
| EXPLOITDB | exploitdb_EDB-16782 |
2025-11-11 15:05:59 | 2025-11-11 08:11:14 |
| EXPLOITDB | exploitdb_EDB-21559 |
2025-11-11 15:05:28 | 2025-11-11 08:16:23 |
| EXPLOITDB | exploitdb_EDB-21560 |
2025-11-11 15:05:28 | 2025-11-11 08:16:23 |
版本与语言
当前版本:
v6
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
:
:
:
:
安全公告
暂无安全公告信息
变更历史
v6
EXPLOITDB
2025-11-11 16:16:23
references_count: 50 → 52
查看详细变更
- references_count: 50 -> 52
v5
EXPLOITDB
2025-11-11 16:16:23
references_count: 48 → 50; tags_count: 4 → 6
查看详细变更
- references_count: 48 -> 50
- tags_count: 4 -> 6
v4
EXPLOITDB
2025-11-11 16:11:14
references_count: 45 → 48; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 45 -> 48
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:48:48
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-200207-041; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-200207-041
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:01
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.5; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:P/I:P/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 2; references_count: 46 → 45; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 7.5
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:P/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 2
- references_count: 46 -> 45
- data_sources: ['cve'] -> ['cve', 'nvd']