Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 29th May 2013
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,508
Default DoS vulnerability in ModSecurity fixed

From http://h-online.com/-1872307

The development team behind open source web application firewall ModSecurity has fixed a vulnerability which could be exploited by attackers to crash the firewall. Using a crafted HTTP request to execute the action forceRequestBodyVariable with an unknown content type resulted in a null pointer dereference.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Chrome: Pinkie Pie's 64-bit vulnerability fixed J65nko News 0 3rd December 2012 01:15 PM
Security ModSecurity for IIS and Nginx launched at Black Hat J65nko News 0 27th July 2012 03:47 PM
Security Security vulnerability in NVIDIA's proprietary Linux drivers fixed J65nko News 0 13th April 2012 01:18 AM
Availability of ModSecurity 2.6.4 Release J65nko News 0 11th March 2012 06:21 AM
Security Critical PHP vulnerability being fixed J65nko News 1 3rd February 2012 01:27 PM

All times are GMT. The time now is 04:42 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick