Download
| Alert*
oval:org.secpod.oval:def:601501
libapache-mod-security is installed oval:org.secpod.oval:def:601721 Martin Holst Swende discovered a flaw in the way chunked requests are handled in ModSecurity, an Apache module whose purpose is to tighten the Web application security. A remote attacker could use this flaw to bypass intended mod_security restrictions by using chunked transfer coding with a capitali ... oval:org.secpod.oval:def:601004 Timur Yunusov and Alexey Osipov from Positive Technologies discovered that the XML files parser of ModSecurity, an Apache module whose purpose is to tighten the Web application security, is vulnerable to XML external entities attacks. A specially-crafted XML file provided by a remote attacker, could ... oval:org.secpod.oval:def:600844 Qualys Vulnerability & Malware Research Labs discovered a vulnerability in ModSecurity, a security module for the Apache webserver. In situations where both "Content:Disposition: attachment" and "Content-Type: multipart" were present in HTTP headers, the vulernability could allow an attacker to ... |