Apache - CVE-2022-22721

Description

Kayran has detected that the Version of Apache HTTP Server being used has a ‘Integer Overflow or Wraparound’ vulnerability (CWE-190). Also known as CVE-2022-22721.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value.

By defining that the LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes.

There’s a chance that this vulnerability will allow attackers to modify system files and information. Also, it could cause a decrease in performance and interruptions in the availability of resources.

Apache – CVE-2022-22721

Description

Recommendation

References

The fundamentals of HTML

Cyberbullying – We Need to Talk About it

Terms and Topics in Cybersecurity that you should know

To serve or not to serve – DoS vs. DDoS

The least choking snake – Python

Links

registered user?

Apache – CVE-2022-22721

Description

Recommendation

References

The fundamentals of HTML

Cyberbullying – We Need to Talk About it

Networking? – Social Engineering

Terms and Topics in Cybersecurity that you should know

To serve or not to serve – DoS vs. DDoS

The least choking snake – Python

Links

registered user?