SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Wget HTTP non-200 negative chunk-size buffer overflow attempt
This event is generated when an attempt to exploit CVE-2017-13089 is detected. Impact: Web Application Attack Details: Wget can accept HTTP responses using chunked encoding. Due to typecasting, very large negative values will result in a heap buffer overflow. An attacker may respond to an HTTP GET request with a response of any type other than HTTP 200 OK, with chunked encoding and a chunk with a very large negative size value to exploit this vulnerability. Successful exploitation may result in arbitrary code execution with privileges of the user running Wget, or abnormal program termination. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2017-13089 |
Loading description |