Intrusion PreventionApache.HTTP.Server.Authorization.Headers.Memory.Corruption
Description
This indicates an attack attempt against a Memory Corruption vulnerability in Apache httpd.
The vulnerability is caused by an error when the vulnerable software handles a HTTP request with malformed digest keys. A remote attacker can exploit this to gain access to sensitive information or crash vulnerable systems.
Affected Products
Apache Software Foundation httpd before version 2.4.27
Apache Software Foundation httpd before version 2.2.34
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Denial Of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_22.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-13 | 14.632 | Severity:high:critical |
| ID | 44297 |
| Created | Aug 01, 2017 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2017-9788 |
| Exploit Prediction Score | 46.78% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Apache |