Short Name |
HTTP:LHTTPD:HOST-DOT-DOT-SLASH |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Light HTTPD Host Header Vulnerability |
Release Date |
2003/11/05 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Light HTTPD; an HTTP server provided with several distributions of Linux. Attackers can use a malformed Host: header value to remotely view files or execute arbitrary code on the target system.
A vulnerability has been reported in thttpd that may allow a remote attacker to execute arbitrary code on vulnerable host. The issue is reported to exist due to a lack of bounds checking by software, leading to a buffer overflow condition. The problem is reported to exist in the defang() function in libhttpd.c. This issue may allow an attacker to gain unauthorized access to a vulnerable host. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the web server in order to gain unauthorized access to a vulnerable system. thttpd versions 2.21 to 2.23b1 have been reported to be prone to this issue, however other versions may be affected as well.