HTTP: Apache httpd FilesMatch Directive Security Restriction Bypass
This signature detects attempts to exploit a known vulnerability in Apache httpd. A remote attacker can exploit this vulnerability by sending an HTTP PUT request with a crafted URI to the remote HTTP server. Successful exploitation could result in security policy bypass and arbitrary file upload if the HTTP server is configured to allow file uploads, for example through the HTTP PUT method.
Extended Description
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
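The anchoring behaviour described above, shown as an added example that is not part of the original signature entry or of Apache's code. Python's `re` stands in for the server's regex engine because its default `$` also matches before a final newline; the `.php` rule, the log lines and the percent-encoded newline form are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Hypothetical rule of the kind the description refers to; not from the page.
DOLLAR_RULE = re.compile(r"\.php$")    # '$' also matches before a final newline
STRICT_RULE = re.compile(r"\.php\Z")   # '\Z' matches only at the true end
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')


def external_filter_blocks(filename: str) -> bool:
    """Upload filter that inspects only the trailing portion of the name."""
    return filename.endswith(".php")


def anchoring_gap(filename: str) -> bool:
    """True when the '$' rule applies to a name the upload filter let through."""
    return bool(DOLLAR_RULE.search(filename)) and not external_filter_blocks(filename)


def suspicious_puts(log_lines):
    """Return URIs of PUT requests whose decoded filename holds a control character."""
    hits = []
    for line in log_lines:
        m = REQUEST_LINE.search(line)
        if not m or m.group("method") != "PUT":
            continue
        path = m.group("uri").split("?", 1)[0]
        filename = unquote(path).rsplit("/", 1)[-1]
        if CONTROL_CHARS.search(filename):
            hits.append(m.group("uri"))
    return hits


# Constructed access-log lines (documentation addresses, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2018:10:00:00 +0000] "PUT /uploads/notes.txt HTTP/1.1" 201 0',
    '192.0.2.11 - - [01/Jan/2018:10:00:05 +0000] "PUT /uploads/report.php%0a HTTP/1.1" 201 0',
    '192.0.2.12 - - [01/Jan/2018:10:00:09 +0000] "GET /uploads/report.php HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for name in ("report.php", "report.php\n", "report.txt"):
        print(repr(name), "gap:", anchoring_gap(name),
              "strict match:", bool(STRICT_RULE.search(name)))
    print(suspicious_puts(SAMPLE_LOG))
```

The `anchoring_gap` check can be pointed at any filename rule that relies on `$`, and `suspicious_puts` can be run over existing access logs to look for earlier upload attempts.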
Affected Products
Netapp storagegrid
References
CVE: CVE-2017-15715
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Apache
Netapp
Debian
Redhat
Canonical
6.8