SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.
SERVER-APACHE Apache mod_http2 NULL pointer dereference attempt
This event is generated when an attacker attempts to exploit a NULL pointer dereference in Apache's HTTP2 handling.
Detection of a Denial of Service Attack
Rule checks for an attempt to exploit a NULL pointer dereference vulnerability present in Apache's mod_http2.
Ease of Attack:
What To Look For
This rule alerts when an attempt to cause a denial of service condition during an http2 upgrade is detected.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
Technique: Network Denial of Service
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2017-7659A maliciously constructed HTTP/2 request could cause mod_http2 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.
||Ease of Access||