[Overview]
The Apache HTTP server is currently the most popular web server, which supports the use of various runtime loaded modules to extend its functionality. Recently, Apache HTTP Server fixed a denial of service vulnerability.
[Vulnerability Details]
CVE-2018-1303: The vulnerability is due to an incorrect validation of the HTTP request header. An attacker could exploit this vulnerability by sending a well-structured HTTP request to the target HTTP server. The request contains one or more null HTTP headers. If the server has the mod_cache_socache module enabled, it will highly cause a memory allocation failure. In turn it causes Apache HTTP Server crashes, which will implement a denial of service attack.
Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
[Severity]
Critical
[Affected Version]
- Apache HTTP Server Version 2.4.6 ->2.4.29
[Suggestions]
Update the patch provided by Apache to fix this vulnerability.
Official statement: https://httpd.apache.org/security/vulnerabilities_24.html
[Hillstone Networks Solution]
Hillstone Networks has added signatures to the IPS signature database version 2.1.234. By deploying any Hillstone Networks solution with the IPS function, the Apache HTTP server denial of service vulnerability can be quickly detected and effectively intercepted, preventing the server from being attacked.
Threat Events Detected by Hillstone Solutions
Vulnerability Detail Description