Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:APACHE:PROXY-REMOTE-IP-OF |
|---|---|
Severity |
Major |
Recommended |
Yes |
Category |
HTTP |
Keywords |
Apache httpd mod_remoteip Buffer Overflow |
Release Date |
2019/09/17 |
Update Number |
3208 |
Supported Platforms |
srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+ |
HTTP: Apache httpd mod_remoteip Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Apache httpd. Successful exploitation could lead to remote code execution under the context of the server, while an unsuccessful attack will lead to a denial-of-service condition.
Extended Description
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.
Affected Products
- Apache http_server 2.4.32
- Apache http_server 2.4.33
- Apache http_server 2.4.34
- Apache http_server 2.4.35
- Apache http_server 2.4.36
- Apache http_server 2.4.37
- Apache http_server 2.4.38
- Apache http_server 2.4.39
References
- CVE: CVE-2019-10097