Sun Microsystems, Inc. Information for VU#944335
Apache web servers fail to handle chunks with a negative size
- Vendor Information Help Date Notified: 14 Jun 2002
- Statement Date:
- Date Updated: 24 Jun 2002
Sun bundles the Apache Web Server freeware product with Solaris 8 (Apache/1.3.12) and 9 (Apache/1.3.22). Both versions are affected by this vulnerability. Sun are presently producing patches for this issue for Solaris 8 and 9. Once the patches are available, we will be publishing a Sun Alert available from:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.