HTTP: Apache HTTP Server mod_isapi Dangling Pointer Remote Code Execution
This signature detects attempts to exploit a known code execution vulnerability in Apache HTTP server. It is due an error in the mod_isapi when processing maliciously crafted HTTP requests. An attacker can exploit this to cause a memory corruption by sending a crafted HTTP request to a target server. A successful attack can lead to the execution of arbitrary code on the target server. The behavior of the target server depends entirely on the intention of the malicious code. The code executes within the security context of the affected service, which is SYSTEM. In an unsuccessful attack, the target server can terminate abnormally, resulting in a denial-of-service condition.
Extended Description
Apache is prone to a memory-corruption vulnerability. Attackers can leverage this vulnerability to execute arbitrary code with SYSTEM privileges; failed attacks may result in denial-of-service conditions. Apache versions prior to 2.2.15 are affected.
Affected Products
Blue_coat_systems director,Sun opensolaris
Short Name
HTTP:APACHE:MOD-ISAPI-RCE
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2010-0425 Code Dangling Execution HTTP Pointer Remote Server bid:38494 mod_isapi
Release Date
10/13/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Apache_software_foundation
Red_hat
Ibm
Blue_coat_systems
Sun
Rpath
Gentoo
Avaya
Fujitsu
Vmware
Slackware
Kolab
CVSS Score
10.0