Short Name |
HTTP:APACHE:PROXY-REMOTE-IP-OF |
---|---|
Severity |
Major |
Recommended |
Yes |
Category |
HTTP |
Keywords |
Apache httpd mod_remoteip Buffer Overflow |
Release Date |
2019/09/17 |
Update Number |
3208 |
Supported Platforms |
srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Apache httpd. Successful exploitation could lead to remote code execution under the context of the server, while an unsuccessful attack will lead to a denial-of-service condition.
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.