Here's the page we think you wanted. See search results instead:

Toggle Menu

Chat Live

Confirm Your Country or Area

Please Confirm

Confirm your country to access relevant pricing, special offers, events, and contact information.

What are you looking for?

MXG Signal Generator UXA Signal Analyzer UXM for Wi-Fi 7 PXA Signal Analyzer Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

Apache httpd mod_lua Integer Underflow

Strike ID:

E22-cnhc1

CVSS:

9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

False Positive:

Variants:

Year:

2021

Description

A integer underflow vulnerability exists in multiple versions of Apache Software Foundation httpd prior to 2.4.52. The flaw is due to improper handling of the request body. An unauthenticated remote attacker may sent a crafted request to the target server. Successful exploitation could result in remote code execution or denial of service condition. * Target Apached server must have the mod_lua module enabled and have the lua-script handler set for Lua scripts stored on the server. * The target must contain a Lua script utilizing the r:parsebody() function.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44790

References

https://httpd.apache.org/security/vulnerabilities_24.html

Welcome

What are you looking for?

Apache httpd mod_lua Integer Underflow

Description

CVE

References