HTTP: Apache httpd mod_remoteip Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Apache httpd. Successful exploitation could lead to remote code execution under the context of the server, while an unsuccessful attack will lead to a denial-of-service condition.
Extended Description
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.
Affected Products
Oracle communications_session_report_manager
References
CVE: CVE-2019-10097
Short Name
HTTP:APACHE:PROXY-REMOTE-IP-OF
Severity
Major
Recommended
True
Recommended Action
None
Category
HTTP
Keywords
Apache Buffer CVE-2019-10097 Overflow httpd mod_remoteip
Release Date
09/17/2019
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Oracle
Apache
CVSS Score
6.0