Signature Detail

HTTP: Apache HTTP Server mod_isapi Dangling Pointer Remote Code Execution1

This signature detects attempts to exploit a known code execution vulnerability in Apache HTTP server. It is due an error in the mod_isapi when processing maliciously crafted HTTP requests. An attacker can exploit this to cause a memory corruption by sending a crafted HTTP request to a target server. A successful attack can lead to the execution of arbitrary code on the target server. The behavior of the target server depends entirely on the intention of the malicious code. The code executes within the security context of the affected service, which is SYSTEM. In an unsuccessful attack, the target server can terminate abnormally, resulting in a denial-of-service condition.