DoS vulnerability in ModSecurity fixed
From http://h-online.com/-1872307
Quote:
The development team behind open source web application firewall ModSecurity has fixed a vulnerability which could be exploited by attackers to crash the firewall. Using a crafted HTTP request to execute the action forceRequestBodyVariable with an unknown content type resulted in a null pointer dereference.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|