Gentoo: GLSA-200705-17 Low: mod_security Remote Rule Bypass
gentoo
May 17, 2007
A vulnerability has been discovered in mod_security, allowing a remote attacker to bypass rules.
Summary
Gentoo Linux Security Advisory GLSA 200705-17
https://security.gentoo.org/
Severity: Low
Title: Apache mod_security: Rule bypass
Date: May 17, 2007
Bugs: #169778
ID: 200705-17
Synopsis
=======
A vulnerability has been discovered in mod_security, allowing a remote
attacker to bypass rules.
Background
=========
mod_security is an Apache module designed for enhancing the security of
the Apache web server.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-www/mod_security < 2.1.1 >= 2.1.1
==========
Stefan Esser discovered that mod_security processes NULL characters as
terminators in POST requests using the
application/x-www-form-urlencoded encoding type, whi...
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/4093487_4c9dbbdde36eef04251a4ced7eac4df9 on line 11
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!