SOL3279 - Heap-based buffer overflow in mod_proxy - CAN-2004-0492

2007-05-16T00:00:00
ID SOL3279
Type f5
Reporter f5
Modified 2013-03-29T00:00:00

Description

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code by way of a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Information about this advisory is available at the following location:

Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492>