HTTP: Apache HttpD Mod Cache SoCache Denial of Service
This signature detects attempts to exploit a known vulnerability against Apache HTTPD mod_cache_socache. A successful attack can result in a denial-of-service condition.
Extended Description
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.
Affected Products
Netapp storagegrid
Short Name
HTTP:APACHE:HTTPD-MOD-CACHE-DOS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2018-1303 Cache Denial HttpD Mod Service SoCache bid:103522 of
Release Date
04/17/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Apache
Netapp
Debian
Canonical
CVSS Score
5.0