Signature Detail

HTTP: Post Bad Header Evasion

This signature detects attempts to exploit a known vulnerability against EmbedThis GoAhead. A successful attack can lead to denial of service.

Extended Description

In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself.

Affected Products

• Embedthis goahead -
• Embedthis goahead 2.1.5
• Embedthis goahead 2.1.8
• Embedthis goahead 2.5.0
• Embedthis goahead 3.0.0
• Embedthis goahead 3.1.0
• Embedthis goahead 3.1.1
• Embedthis goahead 3.1.2
• Embedthis goahead 3.1.3
• Embedthis goahead 3.3.0
• Embedthis goahead 3.3.1
• Embedthis goahead 3.3.2
• Embedthis goahead 3.3.3
• Embedthis goahead 3.3.4
• Embedthis goahead 3.3.5
• Embedthis goahead 3.3.6
• Embedthis goahead 3.4.0
• Embedthis goahead 3.4.1
• Embedthis goahead 3.4.10
• Embedthis goahead 3.4.11
• Embedthis goahead 3.4.12
• Embedthis goahead 3.4.2
• Embedthis goahead 3.4.3
• Embedthis goahead 3.4.4
• Embedthis goahead 3.4.5
• Embedthis goahead 3.4.6
• Embedthis goahead 3.4.7
• Embedthis goahead 3.4.8
• Embedthis goahead 3.4.9
• Embedthis goahead 3.5.0
• Embedthis goahead 3.6.0
• Embedthis goahead 3.6.1
• Embedthis goahead 3.6.2
• Embedthis goahead 3.6.3
• Embedthis goahead 3.6.4
• Embedthis goahead 3.6.5
• Embedthis goahead 4.0.0
• Embedthis goahead 4.0.1
• Embedthis goahead 4.0.2
• Embedthis goahead 4.1.0
• Embedthis goahead 5.0.0

References

• CVE: CVE-2019-12822