Short Name |
HTTP:APACHE:MOD-DAV-MERGE-DOS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apache HTTP Server mod_dav MERGE Request Denial of Service |
Release Date |
2013/08/07 |
Update Number |
2288 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the mod_dav component of Apache HTTP Server. It is due to a NULL pointer deference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker may send a crafted HTTP request to cause a denial of service condition.
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.