Check: WA000-WWA060 W22
APACHE 2.2 Server for Windows STIG:
WA000-WWA060 W22
(in versions v1 r13 through v1 r11)
Title
The HTTP request message body size must be limited. (Cat II impact)
Discussion
Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot store in a given size buffer. The eventual overflow of this buffer can overwrite system memory. Subsequently an attacker may be able to elevate privileges and take control of the server. The Apache directives listed below limit the size of the various HTTP header sizes thereby limiting the chances for a buffer overflow. The LimitRequestBody directive allows the user to set a limit on the allowed size of an HTTP request message body within the context in which the directive is given (server, per-directory, per-file or per-location). If the client request exceeds that limit, the server will return an error response instead of servicing the request. The size of a normal request message body will vary greatly depending on the nature of the resource and the methods allowed on that resource. CGI scripts typically use the message body for retrieving form information. Implementations of the PUT method will require a value at least as large as any representation that the server wishes to accept for that resource. This directive gives the server administrator greater control over abnormal client request behavior, which may be useful for avoiding some forms of denial-of-service attacks.
Check Content
Locate the Apache httpd.conf file. Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: LimitRequestBody If the value of LimitRequestBody is not greater than 0 or does not exist, this is a finding.
Fix Text
Specify a size for the LimitRequestBody directive.
Additional Identifiers
Rule ID: SV-33008r1_rule
Vulnerability ID: V-13736
Group Title: WA000-WWA060
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |