Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22112
HistoryJul 03, 2009 - 12:00 a.m.

[ GLSA 200907-02 ] ModSecurity: Denial of Service

2009-07-0300:00:00
vulners.com
14
JSON

Gentoo Linux Security Advisory GLSA 200907-02

                                        http://security.gentoo.org/

Severity: Normal
Title: ModSecurity: Denial of Service
Date: July 02, 2009
Bugs: #262302
ID: 200907-02

Synopsis

Two vulnerabilities in ModSecurity might lead to a Denial of Service.

Background

ModSecurity is a popular web application firewall for the Apache HTTP
server.

Affected packages

-------------------------------------------------------------------
 Package                  /  Vulnerable  /              Unaffected
-------------------------------------------------------------------

1 www-apache/mod_security < 2.5.9 >= 2.5.9

Description

Multiple vulnerabilities were discovered in ModSecurity:

  • Juan Galiana Lara of ISecAuditors discovered a NULL pointer
    dereference when processing multipart requests without a part header
    name (CVE-2009-1902).

  • Steve Grubb of Red Hat reported that the "PDF XSS protection"
    feature does not properly handle HTTP requests to a PDF file that do
    not use the GET method (CVE-2009-1903).

Impact

A remote attacker might send requests containing specially crafted
multipart data or send certain requests to access a PDF file, possibly
resulting in a Denial of Service (crash) of the Apache HTTP daemon.
NOTE: The PDF XSS protection is not enabled by default.

Workaround

There is no known workaround at this time.

Resolution

All ModSecurity users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=www-apache/mod_security-2.5.9&quot;

References

[ 1 ] CVE-2009-1902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1902
[ 2 ] CVE-2009-1903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1903

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200907-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Related

openvas 12
gentoo 1
nessus 4
securityvulns 1
cve 2
ubuntucve 2
prion 2
openvas
openvas
Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
2009-08-17 00:00:00
ModSecurity Multiple Remote Denial of Service Vulnerabilities
2009-06-16 00:00:00
Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
2009-08-17 00:00:00
gentoo
gentoo
ModSecurity: Denial of service
2009-07-02 00:00:00
nessus
nessus
Fedora 10 : mod_security-2.5.9-1.fc10 (2009-2686)
2009-04-23 00:00:00
GLSA-200907-02 : ModSecurity: Denial of Service
2009-07-03 00:00:00
Fedora 9 : mod_security-2.5.9-1.fc9 (2009-2654)
2009-03-16 00:00:00
securityvulns
securityvulns
ModSecurity multiple security vulnerabilities
2009-07-03 00:00:00
cve
cve
CVE-2009-1902
2009-06-03 17:00:00
CVE-2009-1903
2009-06-03 17:00:00
ubuntucve
ubuntucve
CVE-2009-1903
2009-06-03 00:00:00
CVE-2009-1902
2009-06-03 00:00:00
prion
prion
Null pointer dereference
2009-06-03 17:00:00
Design/Logic Flaw
2009-06-03 17:00:00
JSON
Related for SECURITYVULNS:DOC:22112
openvas12gentoo1nessus4securityvulns1cve2ubuntucve2prion2