Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: Fwd: [Full-disclosure] SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 18 Oct 2012 01:45:10 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/17/2012 02:47 AM, Matthias Weckbecker wrote:
Hi Steve, Kurt, vendors,

this flaw looks slightly different from the last one and
apparently has not got a CVE yet.

----------  Forwarded Message  ----------

Subject: [Full-disclosure] SEC Consult SA-20121017-0 ::
ModSecurity multipart/invalid part ruleset bypass Date: Wednesday
17 October 2012 From: SEC Consult Vulnerability Lab 
<research () sec-consult com> To: full-disclosure () lists grok org uk, 
bugtraq () securityfocus com

SEC Consult Vulnerability Lab Security Advisory < 20121017-0 > 
=======================================================================



title: ModSecurity multipart/invalid part ruleset bypass
product: ModSecurity vulnerable version: <= 2.6.8 fixed version: 
2.7.0 CVE number: - impact: Depends what you use it for homepage: 
http://www.modsecurity.org/ found: 2012-10-12 by: Bernhard Mueller
 SEC Consult Vulnerability Lab https://www.sec-consult.com 
=======================================================================

Looking


through

https://www.modsecurity.org/tracker/secure/ReleaseNote.jspa?projectId=10000&version=10100

Is this https://www.modsecurity.org/tracker/browse/MODSEC-155

I'd like to confirm this before assigning a CVE.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQf7OGAAoJEBYNRVNeJnmTFlgQAJxEfUA7oFo8bb0/iSrb7zy9
k4IgupMfsxmOLy9uv07G5dy7dRNRkOqYtrQxszFfnnsFqTDtE9+BU7QpX3pmyBlp
KYJMTen2A7ygbqr2GSNnh5faCeYty/9gvubTrJ0wmdE8wlwoOqOtZcjkjA0IzRy9
T5WYmwxHkkytPsBVQjrirJc4Q2ehKLUNA6ipC6eyq5b+5qqtS+pHRcJbMbNeHj8P
PSDeWGAgwSVY56o+vb0WjAjaU/o64kv6ZOn8MFb06cb+GCTUbtpJHwRWaBwmNBaf
9vHqUURjkAkB/np5v9PvKGuovBs8MiDjv43Z8Tl2oWLGJlkaWO0ltC0HBD9nkKBV
H+5mSPub3MBrtxXyUXI0lb4Zh4vUtbzDt8O0SVV+6lqAFv18UBX0ksTjzkgK6sIl
987lJr+MiKsVsO7XBZk0OBMQShu9AiZq3ueBwcol99HeY/ICPPZxT+lP/v72rNsc
rMaLOBtgdMj2n0yVvqk4Zg1mshZyWP8NAofFhu2sIbItd/x/csCrwFTjJnrar2pN
2wHJKFjq/ssMXBuFws1M/O4CjRDo2iImB4fIYqS5GxSXRQUephI6eIbgmX/PPQgG
5z550ct/fbSCcNm8uzCjN5YbAKcvHqfDqTqrq4v6bBMJ6ww2eOR8gF9/LYFm7OKb
jTf1myRV1SAMt6UVd0dJ
=XFfO
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]