JVN/CVE Demo: Cveinfos

CVE

Id: 5233
CVE No.: CVE-2002-0843
Status: Candidate
Description: Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
Phase: Modified (20071016)
Votes: ACCEPT(3) Armstrong, Cole, Green | MODIFY(1) Cox | NOOP(1) Christey
Comments: Christey> CONFIRM:http://www.info.apple.com/usen/security/security_updates.html | Cox> Support inclusion decision: a user may well run ApacheBench against | their own server in a DMZ that has been compromised therefore leading | to a break across security zones. | Addref: RHSA-2002:251 | Addref: RHSA-2002:248 | Addref: RHSA-2002:244 | Addref: RHSA-2002:243 | Addref: RHSA-2002:222 | Change Apache Week ref to: http://www.apacheweek.com/issues/02-10-04#security | Christey> SGI:20021105-02-I | URL:ftp://patches.sgi.com/support/free/security/advisories/20021105-02-I | Christey> BUGTRAQ:20021016 Apache 1.3.26 | URL:http://archives.neohapsis.com/archives/bugtraq/2002-10/0229.html | XF:apache-apachebench-response-bo(10281) | URL:http://www.iss.net/security_center/static/10281.php | BID:5996 | URL:http://www.securityfocus.com/bid/5996

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
27887	5233	CVE-2002-0843	BUGTRAQ:20021016 Apache 1.3.26	View
27888	5233	CVE-2002-0843	URL:http://archives.neohapsis.com/archives/bugtraq/2002-10/0229.html	View
27889	5233	CVE-2002-0843	CONFIRM:http://www.apacheweek.com/issues/02-10-04	View
27890	5233	CVE-2002-0843	CONFIRM:http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2	View
27891	5233	CVE-2002-0843	CONFIRM:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2871	View
27892	5233	CVE-2002-0843	AIXAPAR:IY87070	View
27893	5233	CVE-2002-0843	URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY87070&apar=only	View
27894	5233	CVE-2002-0843	CONECTIVA:CLA-2002:530	View
27895	5233	CVE-2002-0843	URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530	View
27896	5233	CVE-2002-0843	CONECTIVA:000530	View
27897	5233	CVE-2002-0843	URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000530	View
27898	5233	CVE-2002-0843	CONECTIVA:CLSA-2002:530	View
27899	5233	CVE-2002-0843	URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000530	View
27900	5233	CVE-2002-0843	ENGARDE:ESA-20021007-024	View
27901	5233	CVE-2002-0843	URL:http://www.linuxsecurity.com/advisories/other_advisory-2414.html	View
27902	5233	CVE-2002-0843	MANDRAKE:MDKSA-2002:068	View
27903	5233	CVE-2002-0843	URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-068.php	View
27904	5233	CVE-2002-0843	DEBIAN:DSA-187	View
27905	5233	CVE-2002-0843	URL:http://www.debian.org/security/2002/dsa-187	View
27906	5233	CVE-2002-0843	DEBIAN:DSA-188	View
27907	5233	CVE-2002-0843	URL:http://www.debian.org/security/2002/dsa-188	View
27908	5233	CVE-2002-0843	DEBIAN:DSA-195	View
27909	5233	CVE-2002-0843	URL:http://www.debian.org/security/2002/dsa-195	View
27910	5233	CVE-2002-0843	HP:HPSBUX0210-224	View
27911	5233	CVE-2002-0843	URL:http://online.securityfocus.com/advisories/4617	View
27912	5233	CVE-2002-0843	SGI:20021105-01-I	View
27913	5233	CVE-2002-0843	URL:ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I	View
27914	5233	CVE-2002-0843	BUGTRAQ:20021003 [OpenPKG-SA-2002.009] OpenPKG Security Advisory (apache)	View
27915	5233	CVE-2002-0843	URL:http://marc.info/?l=bugtraq&m=103376585508776&w=2	View
27916	5233	CVE-2002-0843	BUGTRAQ:20021017 TSLSA-2002-0069-apache	View
27917	5233	CVE-2002-0843	URL:http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html	View
27918	5233	CVE-2002-0843	BID:5995	View
27919	5233	CVE-2002-0843	URL:http://www.securityfocus.com/bid/5995	View
27920	5233	CVE-2002-0843	BID:5996	View
27921	5233	CVE-2002-0843	URL:http://www.securityfocus.com/bid/5996	View
27922	5233	CVE-2002-0843	BID:5887	View
27923	5233	CVE-2002-0843	URL:http://www.securityfocus.com/bid/5887	View
27924	5233	CVE-2002-0843	VUPEN:ADV-2006-3263	View
27925	5233	CVE-2002-0843	URL:http://www.vupen.com/english/advisories/2006/3263	View
27926	5233	CVE-2002-0843	SECUNIA:21425	View
27927	5233	CVE-2002-0843	URL:http://secunia.com/advisories/21425	View
27928	5233	CVE-2002-0843	XF:apache-apachebench-response-bo(10281)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
63915	JVNDB-2002-000242	Apache Bench におけるバッファオーバーフローの脆弱性	Apache HTTP Server において、ベンチマークテストを行う為のツール Apache Bench (ab) には、テスト対象のサーバから取得する "Server Software:" の文字列長に対するチェックが不適切であるため、異常に長い文字列を設定することによりバッファオーバーフローが発生する脆弱性が存在します。	CVE-2002-0843	5233	7.5		http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000242.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.32 MB
View render complete	2.79 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.79
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	458.33
Event: Controller.beforeRender	5.26
» Processing toolbar data	5.17
Rendering View	13.07
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	12.14
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.52
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/5233
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/5233
Remote Port	10037
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.22.241.171
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=e2c75jotvqcuuh8ip558mo9b23
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.22.241.171
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.22.241.171
Unique Id	aCUFRfRoHmsg9-KesvWgJAAAAJo
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.22.241.171
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.22.241.171
Redirect Unique Id	aCUFRfRoHmsg9-KesvWgJAAAAJo
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.22.241.171
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.22.241.171
Redirect Redirect Unique Id	aCUFRfRoHmsg9-KesvWgJAAAAJo
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747256645.9423
Request Time	1747256645

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files