ModSecurity 'modsecurity.c' Security Bypass Vulnerability

Bugtraq ID: 66552
Class: Input Validation Error
CVE: CVE-2013-5705
Remote: Yes
Local: No
Published: Mar 31 2014 12:00AM
Updated: Apr 13 2015 10:07PM
Credit: Martin Holst Swende
Vulnerable: Trustwave ModSecurity 2.7.4
Trustwave ModSecurity 2.7.3
Trustwave ModSecurity 2.7.2
Trustwave ModSecurity 2.7
Trustwave ModSecurity 2.6.8
Trustwave ModSecurity 2.6.6
Trustwave ModSecurity 2.6.5
S.u.S.E. openSUSE 11.4
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM PureApplication System 1.1 4
IBM PureApplication System 1.1 3
IBM PureApplication System 1.1 1
IBM PureApplication System 1.1 0
IBM PureApplication System 1.1.0.2
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Trustwave ModSecurity 2.7.6
IBM PureApplication System 1.1.0.4 cFix3


 

Privacy Statement
Copyright 2010, SecurityFocus