Apache Segmentation Fault

Aug 12, 2024 · attack.impact attack.t1499.004 ·

Detects a segmentation fault error message caused by a crashing apache worker process

Sigma rule (View on GitHub)

 1title: Apache Segmentation Fault
 2id: 1da8ce0b-855d-4004-8860-7d64d42063b1
 3status: test
 4description: Detects a segmentation fault error message caused by a crashing apache worker process
 5references:
 6    - http://www.securityfocus.com/infocus/1633
 7author: Florian Roth (Nextron Systems)
 8date: 2017-02-28
 9modified: 2021-11-27
10tags:
11    - attack.impact
12    - attack.t1499.004
13logsource:
14    service: apache
15    definition: 'Requirements: Must be able to collect the error.log file'
16detection:
17    keywords:
18        - 'exit signal Segmentation Fault'
19    condition: keywords
20falsepositives:
21    - Unknown
22level: high

References

http://www.securityfocus.com/infocus/1633

Read More

Related rules

Audit CVE Event
Nginx Core Dump
AADInternals PowerShell Cmdlets Execution - ProccessCreation
AADInternals PowerShell Cmdlets Execution - PsScript
AWS EC2 Disable EBS Encryption