HTTP.Host.Header.Buffer.Overflow
Description
This indicates detection of an overly long HTTP Host value.
HTTP servers that have insufficient sanitizing of HTTP requests field might be prone to such an attack. Successful attacks may allow a remote attacker to execute arbitrary code within the context of the webserver, crash the affected application or deny services to legitimate users.
Affected Products
Any unprotected or misconfigured HTTP server is vulnerable to the attack.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.
Monitor the traffic from that network for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |