HTTP: Apache httpd mod_lua req_parsebody Integer Underflow

This signature detects attempts to exploit a known vulnerability against Apache httpd. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

Affected Products

Apple mac_os_x

Short Name
HTTP:APACHE:HTTPD-MOD-LUA-OF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2021-44790 Integer Underflow httpd mod_lua req_parsebody
Release Date
02/03/2022
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3607
False Positive
Unknown
Vendors

Apple

Fedoraproject

Oracle

Apache

Netapp

Debian

Tenable

CVSS Score

7.5

Found a potential security threat?