F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Raj_Barre's avatar
Raj_Barre
Icon for Altostratus rankAltostratus
Aug 30, 2018

Attack Signatures for CVE-2016-1181

I am working with a application team to protect the app from CVE-2016-1181.   Did not see any particular attack signatures for this CVE.   Really appreciate If you can provide some insight ont...
ASM Advanced WAF
security
samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Sep 02, 2018

My understanding is that the exploit code for this CVE was never published and the vendors (like IBM, SAP etc) simply released a patched version and so did Apache.

 

Theoretically any exploitation will be detected by ASM's many existing Java Code Injection attack signatures and several OS command execution signatures.

 

If you are working with the app team the best protection is to patch the backend - patches were released long time ago:

 

https://www.securityfocus.com/bid/91068