QID 378363

IBM HTTP Server powered by Apache is based on the Apache HTTP Server available for multiple platforms.

CVE-2022-22719:Apache HTTP Server is vulnerable to a denial of service. By using a specially crafted request body to read a random memory area, a remote attacker could exploit this vulnerability to cause the process to crash.
CVE-2022-22721: Apache HTTP Server is vulnerable to a buffer overflow, caused by an integer overflow. By sending an overly large LimitXMLRequestBody, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2022-22720: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by the failure to close inbound connection when errors are encountered discarding the request body. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks

Affected Versions:
IBM HTTP Server V9.0.0.0 through 9.0.5.11
IBM HTTP Server V8.5.0.0 through 8.5.5.21
IBM HTTP Server V8.0.0.0 through 8.0.0.15
IBM HTTP Server V70.0.0 through 7.0.0.45
QID Detection Logic (Authenticated):
Operating System: Windows
The QID checks the key "HKLM\SYSTEM\CurrentControlSet\Services" to see if IBM HTTP vulnerable version installed on the host or not.

QID Detection Logic (Authenticated):
Operating System: Linux
The QID checks the vulnerable version IBM HTTP Server. "version.signature" is used to verify the version.

An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.