Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Unisphere Networks Information for VU#944335

Date Notified:2002-06-14
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

CUSTOMER SERVICE TECHNICAL BULLETIN

SUBJECT: CERT Advisory CA-2002-17: Apache Web Server Chunk Handling Vulnerability
BULLETIN NUMBER: SSC_PSN-001
BULLETIN TYPE: Product Support Notification
AFFECTED PRODUCTS: SSC
ISSUE DATE: 06/26/2002
REVISION: 1.0

PROBLEM DESCRIPTION:
The CERT Coordination Center released an advisory on June 17, 2002 entitled, "CERT Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability". The URL for the full text of the advisory can be found at:


AFFECTED PRODUCT(S):
SSC

SOLUTION:
The following releases of software have been found to suffer no negative effects from vulnerability outlined in CERT Advisory CA-2002-17:
    2-0-2p2
    2-0-3p2

All future releases of SSC will include the updated version of Apache web server that corrects this vulnerability.

Earlier releases of software may allow the execution of arbitrary code by remote attackers. Information needed to exploit this vulnerability is publicly known.

Affected releases include:
    2-0-0 -- 2-0-2p1
    2-0-3 -- 2-0-3p1

This Product Support Notification is publicly viewable on the Web at:

If you have any questions concerning this notice, or to obtain the latest patch release, please contact Unisphere Networks Customer Service.

Inside the U.S. call: (800) 424-2344
Outside the U.S. call: (978) 589-9000
Via the Web @ http://support.unispherenetworks.com
Via email @ support@unispherenetworks.com

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information