oval:org.mitre.oval:def:4863

Definition Id: oval:org.mitre.oval:def:4863

Oval ID:	oval:org.mitre.oval:def:4863
Title:	Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow
Description:	Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0492	Version:	1
Platform(s):	Sun Solaris 8 Sun Solaris 9	Product(s):	Apache
Definition Synopsis:
Software section Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND NOT Patch 116973-01 or later installed AND NOT Patch 113146-05 or later installed AND Apache (SUNWapchu) installed AND Configuration section Apache running (httpd)