Buffer overflow protection should be configured 'LimitRequestline'

Information

Buffer overflow vulnerabilities stem from problems in string handling. Whenever a computer program tries copying a string or buffer into a buffer that is smaller than the string, an overflow is caused. If the destination buffer is overflowed sufficiently it will overwrite various crucial system data. In most situations an attacker can leverage this to takeover a specific program's process, thereby acquiring the privileges of process or program

Solution

Edit the httpd.conf file and add the following
LimitRequestBody 10240
LimitRequestFields 40
LimitRequestFieldSize 100
LimitRequestLine 500

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16

Plugin: Unix

Control ID: 57700fe32bbdb8096ca67299e8f303298cc2ddbd8f6f15ed0f42511c57f93bf4