ModSecurity Quote Parsing Security Bypass Vulnerability

Bugtraq ID: 54156
Class: Input Validation Error
CVE: CVE-2009-5031
CVE-2012-2751
Remote: Yes
Local: No
Published: Jun 08 2012 12:00AM
Updated: Aug 05 2014 01:09AM
Credit: Qualys Vulnerability & Malware Research Labs (VMRL)
Vulnerable: SuSE openSUSE 11.4
Oracle Oracle HTTP Server 9.2 .8
Oracle Oracle HTTP Server 9.2 .0
+ Apache Software Foundation Apache 1.3.22
Oracle Oracle HTTP Server 9.1
+ Apache Software Foundation Apache 1.3.12
Oracle Oracle HTTP Server 9.0.3 .1
+ Oracle Oracle9i Application Server 9.0.3 .1
Oracle Oracle HTTP Server 9.0.2 .3
+ Oracle Oracle9i Application Server 9.0.2 .3
Oracle Oracle HTTP Server 9.0.2
Oracle Oracle HTTP Server 9.0.1
Oracle Oracle HTTP Server 8.1.7
+ Apache Software Foundation Apache 1.3.12
+ Oracle Oracle8 8.1.7
+ Oracle Oracle8i Enterprise Edition 8.1.7 .0.0
+ Oracle Oracle8i Standard Edition 8.1.7
Oracle Oracle HTTP Server 1.0.2 .2 Roll up 2
Oracle Oracle HTTP Server 1.0.2 .2
Oracle Oracle HTTP Server 1.0.2 .1
Oracle Oracle HTTP Server 1.0.2 .0
Oracle Oracle HTTP Server 11.1.1.5
Oracle Oracle HTTP Server 11.1.1.4
Oracle Oracle HTTP Server 11.1.1.3
Oracle Oracle HTTP Server 10.1.3.5
Oracle Oracle HTTP Server 10.1.2.3
Oracle HTTP Server for Server 9.2
Oracle HTTP Server for Server 9.0.1
Oracle HTTP Server for Server 8.1.7
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus