The HTTP request message body size must be limited.ID: oval:org.secpod.oval:def:73558 | Date: (C)2021-06-29 (M)2023-07-04 |
Class: COMPLIANCE | Family: unix |
Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot store in a given size buffer. The eventual overflow of this buffer can overwrite system memory. Subsequently an attacker may be able to elevate privileges and take control of the server. The Apache directives listed below limit the size of the various HTTP header sizes thereby limiting the chances for a buffer overflow.
Product: |
Apache HTTP Server 2.2 |