Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-202310-01 Critical: ModSecurity Exploit Vulnerability

gentoo
Calendar Grey July 2, 2009
Dist Gentoo Esm H88
Gentoo GLSA 202310-01 highlights vulnerabilities in ModSecurity that could lead to potential Denial of Service; an upgrade is recommended for enhanced security.
Two vulnerabilities in ModSecurity might lead to a Denial of Service.

Summary

Gentoo Linux Security Advisory GLSA 200907-02 https://security.gentoo.org/ Severity: Normal Title: ModSecurity: Denial of Service Date: July 02, 2009 Bugs: #262302 ID: 200907-02

Synopsis ======= Two vulnerabilities in ModSecurity might lead to a Denial of Service.
Background ========= ModSecurity is a popular web application firewall for the Apache HTTP server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apache/mod_security < 2.5.9 >= 2.5.9
========== Multiple vulnerabilities were discovered in ModSecurity:
* Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header name (CVE-20...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service gentoo remote code execution modsecurity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service gentoo remote code execution modsecurity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here