Apache Threading Error
Detects threading-related errors reported in Apache logs.
Sigma rule
title: Apache Threading Error
id: e9a2b582-3f6a-48ac-b4a1-6849cdc50b3c
status: test
description: Detects an issue in apache logs that reports threading related errors
references:
    - https://github.com/hannob/apache-uaf/blob/da40f2be3684c8095ec6066fa68eb5c07a086233/README.md
author: Florian Roth (Nextron Systems)
date: 2019-01-22
modified: 2021-11-27
tags:
    - attack.initial-access
    - attack.lateral-movement
    - attack.t1190
    - attack.t1210
logsource:
    service: apache
    definition: 'Requirements: Must be able to collect the error.log file'
detection:
    keywords:
        - '__pthread_tpp_change_priority: Assertion `new_prio == -1 || (new_prio >= fifo_min_prio && new_prio <= fifo_max_prio)'
    condition: keywords
falsepositives:
    - 3rd party apache modules - https://bz.apache.org/bugzilla/show_bug.cgi?id=46185
level: medium
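The following is an added example, not part of the Sigma project or the original page: a triage helper that applies the rule's keyword to error.log lines as a case-insensitive substring match, which is how Sigma keywords match by default. It assumes the assertion line reaches error.log without Apache's own timestamp prefix (glibc prints assertion failures directly to stderr), so each hit is reported with the nearest preceding Apache timestamp. The function name, field names and sample log lines are constructed for illustration.

```python
import re

# The rule's single keyword, copied from the detection section above.
KEYWORD = ("__pthread_tpp_change_priority: Assertion `new_prio == -1 || "
           "(new_prio >= fifo_min_prio && new_prio <= fifo_max_prio)")

# Apache 2.4 error.log entries start with a bracketed timestamp.
TS_RE = re.compile(r"^\[([A-Z][a-z]{2} [A-Z][a-z]{2} \d{2} [\d:.]+ \d{4})\]")

# Constructed sample error.log content (not taken from a real server).
SAMPLE_LOG = """\
[Tue Jan 22 10:15:01.123456 2019] [mpm_event:notice] [pid 811:tid 1] AH00489: Apache/2.4 configured -- resuming normal operations
apache2: tpp.c:84: __pthread_tpp_change_priority: Assertion `new_prio == -1 || (new_prio >= fifo_min_prio && new_prio <= fifo_max_prio)' failed.
[Tue Jan 22 10:15:02.000001 2019] [core:notice] [pid 811:tid 1] AH00052: child pid 902 exit signal Aborted (6)
[Tue Jan 22 10:16:40.500000 2019] [php7:error] [pid 903] [client 192.0.2.10:51122] script '/var/www/html/x.php' not found or unable to stat
"""


def find_hits(lines):
    """Return one dict per line that contains the rule keyword.

    'near' is the last Apache timestamp seen at or before the hit, or None
    if no timestamped entry has been seen yet (assumption: the assertion
    line itself carries no timestamp).
    """
    hits, last_ts = [], None
    needle = KEYWORD.lower()
    for number, line in enumerate(lines, start=1):
        match = TS_RE.match(line)
        if match:
            last_ts = match.group(1)
        if needle in line.lower():
            hits.append({"line": number, "near": last_ts, "text": line.strip()})
    return hits


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG.splitlines()):
        print(f"line {hit['line']} (near {hit['near']}): {hit['text']}")
```

Before escalating a hit, check it against the rule's listed false positive (third-party Apache modules).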
Related rules
- OMIGOD HTTP No Authentication RCE
- Terminal Service Process Spawn
- ADSelfService Exploitation
- AWS Suspicious SAML Activity
- Apache Spark Shell Command Injection - ProcessCreation