Lucene search

K

MitreCVELIST:CVE-2013-2765

HistoryJul 15, 2013 - 3:00 p.m.

CVE-2013-2765

2013-07-1515:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.

References

archives.neohapsis.com/archives/bugtraq/2013-05/0125.html

lists.opensuse.org/opensuse-updates/2013-08/msg00020.html

lists.opensuse.org/opensuse-updates/2013-08/msg00025.html

lists.opensuse.org/opensuse-updates/2013-08/msg00031.html

sourceforge.net/mailarchive/message.php?msg_id=30900019

www.modsecurity.org/

www.shookalabs.com/

bugzilla.redhat.com/show_bug.cgi?id=967615

github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py

github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba

raw.github.com/SpiderLabs/ModSecurity/master/CHANGES

6.4 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

Related for CVELIST:CVE-2013-2765

nessus10 ubuntucve1 nvd1 packetstorm1 seebug1 debiancve1 securityvulns2 thn2 openvas6 cve1 freebsd1 zdt1 mageia1 prion1 fedora3 f51