HTTP: Apache httpd mod_lua req_parsebody Integer Underflow

This signature detects attempts to exploit a known vulnerability against Apache httpd. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

Affected Products

Apache http_server

Short Name
HTTP:APACHE:HTTPD-MOD-LUA-OF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2021-44790 Integer Underflow httpd mod_lua req_parsebody
Release Date
02/03/2022
Supported Platforms

mx-19.3

vmx-19.3

vsrx-19.2

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vmx-19.4

mx-19.4

srxevo-25.4

vsrx-26.2

srx-26.2

srx-branch-26.2

vsrx3bsd-26.2

mx-12.3

srx-12.3

srx-branch-12.3

vsrx-12.3

Sigpack Version
3885
False Positive
Unknown
Vendors

Netapp

Debian

Oracle

Tenable

Fedoraproject

Apple

Apache

CVSS Score

7.5

Found a potential security threat?

Report a Vulnerability