HTTP: Apache httpd mod_sed Integer Overflow
This signature detects attempts to exploit a known vulnerability against Apache httpd mod_sed. A successful attack can lead to an integer overflow and remote code execution within the context of the Apache httpd.
Extended Description
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.
Affected Products
Apache http_server
References
CVE: CVE-2022-30522
URL: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.53
Short Name
HTTP:APACHE:APACHE-MOD-SED-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Apache CVE-2022-23943 CVE-2022-30522 Integer Overflow httpd mod_sed
Release Date
06/06/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3805
False Positive
Unknown
Vendors
Oracle
Apache
Fedoraproject
Debian
CVSS Score
7.5