Vulnerability in Trustwave ModSecurity
CVE-2012-4528
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
EPSS: 0.115 (93.7th percentile)
Affected products
- Trustwave ModSecurity
- Fedoraproject Fedora — versions 18
- Opensuse — versions 11.4, 12.2, 12.3
References
- openSUSE-SU-2013:1342 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- secalert@redhat.com (Third Party Advisory, x_refsource_MISC)
- secalert@redhat.com (x_refsource_CONFIRM, Broken Link)
- openSUSE-SU-2013:1331 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- 20121017 SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass (mailing-list, Exploit, x_refsource_FULLDISC, Mailing List, Third Party Advisory)
- FEDORA-2012-18278 (x_refsource_FEDORA, vendor-advisory, Third Party Advisory)
- [oss-security] 20121018 Re: CVE request: Fwd: [Full-disclosure] SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- openSUSE-SU-2013:1336 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)