ID FEDORA:31FF4234CE Type fedora Reporter Fedora Modified 2013-04-14T00:29:50
Description
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks.
{"cve": [{"lastseen": "2020-12-09T19:52:40", "description": "ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.", "edition": 5, "cvss3": {}, "published": "2013-04-25T23:55:00", "title": "CVE-2013-1915", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1915"], "modified": "2013-12-01T04:27:00", "cpe": ["cpe:/a:modsecurity:modsecurity:2.7.0", "cpe:/a:modsecurity:modsecurity:2.7.2", "cpe:/a:modsecurity:modsecurity:2.7.1"], "id": "CVE-2013-1915", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1915", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:modsecurity:modsecurity:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:modsecurity:modsecurity:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:modsecurity:modsecurity:2.7.1:*:*:*:*:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T17:43:41", "description": "Bugtraq ID:58810\r\nCVE ID:CVE-2013-1915\r\n\r\n\r\nModSecurity\u662f\u4e00\u4e2a\u5165\u4fb5\u4fa6\u6d4b\u4e0e\u9632\u62a4\u5f15\u64ce,\u5b83\u4e3b\u8981\u662f\u7528\u4e8eWeb\u5e94\u7528\u7a0b\u5e8f,\u6240\u4ee5\u4e5f\u88ab\u79f0\u4e3aWeb\u5e94\u7528\u7a0b\u5e8f\u9632\u706b\u5899\r\n\r\nModSecurity\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7XML\u5916\u90e8\u5b9e\u4f53\u58f0\u660e\u7ed3\u5408\u5b9e\u4f53\u5f15\u7528\uff0c\u53ef\u8bfb\u53d6\u4efb\u610f\u6587\u4ef6\uff0c\u53d1\u9001HTTP\u8bf7\u6c42\u5230\u5185\u7f51\u670d\u52a1\u5668\u6216\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\r\n0\r\nModSecurity < 2.7.3\r\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\nModSecurity 2.7.3\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.modsecurity.org/", "published": "2013-04-28T00:00:00", "title": "ModSecurity XML\u5916\u90e8\u5b9e\u4f53\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e(CVE-2013-1915)", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60777", "id": "SSV:60777", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}], "openvas": [{"lastseen": "2017-07-25T10:51:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "description": "Check for the Version of mod_security", "modified": "2017-07-10T00:00:00", "published": "2013-04-15T00:00:00", "id": "OPENVAS:865549", "href": "http://plugins.openvas.org/nasl.php?oid=865549", "type": "openvas", "title": "Fedora Update for mod_security FEDORA-2013-4831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_security FEDORA-2013-4831\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_insight = \"ModSecurity is an open source intrusion detection and prevention engine\n for web applications. It operates embedded into the web server, acting\n as a powerful umbrella - shielding web applications from attacks.\";\ntag_affected = \"mod_security on Fedora 18\";\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_id(865549);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-15 10:08:45 +0530 (Mon, 15 Apr 2013)\");\n script_cve_id(\"CVE-2013-1915\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"Fedora Update for mod_security FEDORA-2013-4831\");\n\n script_xref(name: \"FEDORA\", value: \"2013-4831\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html\");\n script_summary(\"Check for the Version of mod_security\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_security\", rpm:\"mod_security~2.7.3~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-15T00:00:00", "id": "OPENVAS:1361412562310865549", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865549", "type": "openvas", "title": "Fedora Update for mod_security FEDORA-2013-4831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_security FEDORA-2013-4831\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"mod_security on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865549\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-15 10:08:45 +0530 (Mon, 15 Apr 2013)\");\n script_cve_id(\"CVE-2013-1915\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"Fedora Update for mod_security FEDORA-2013-4831\");\n script_xref(name:\"FEDORA\", value:\"2013-4831\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mod_security'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_security\", rpm:\"mod_security~2.7.3~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "description": "Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose purpose\nis to tighten the Web application security, is vulnerable to XML\nexternal entities attacks. A specially-crafted XML file provided by a\nremote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is Off\n\nby default. This will disable the ability of libxml2 to load external\nentities.", "modified": "2019-03-18T00:00:00", "published": "2013-04-09T00:00:00", "id": "OPENVAS:1361412562310892659", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892659", "type": "openvas", "title": "Debian Security Advisory DSA 2659-1 (libapache-mod-security - XML external entity processing vulnerability)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2659.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2659-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892659\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-1915\");\n script_name(\"Debian Security Advisory DSA 2659-1 (libapache-mod-security - XML external entity processing vulnerability)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-09 00:00:00 +0200 (Tue, 09 Apr 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2659.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"libapache-mod-security on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 2.5.12-1+squeeze2.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-apache package.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-apache package.\n\nWe recommend that you upgrade your libapache-mod-security packages.\");\n script_tag(name:\"summary\", value:\"Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose purpose\nis to tighten the Web application security, is vulnerable to XML\nexternal entities attacks. A specially-crafted XML file provided by a\nremote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is Off\n\nby default. This will disable the ability of libxml2 to load external\nentities.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache-mod-security\", ver:\"2.5.12-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mod-security-common\", ver:\"2.5.12-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache-mod-security\", ver:\"2.6.6-6\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-modsecurity\", ver:\"2.6.6-6\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "description": "Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose purpose\nis to tighten the Web application security, is vulnerable to XML\nexternal entities attacks. A specially-crafted XML file provided by a\nremote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is Off \n\nby default. This will disable the ability of libxml2 to load external\nentities.", "modified": "2017-07-07T00:00:00", "published": "2013-04-09T00:00:00", "id": "OPENVAS:892659", "href": "http://plugins.openvas.org/nasl.php?oid=892659", "type": "openvas", "title": "Debian Security Advisory DSA 2659-1 (libapache-mod-security - XML external entity processing vulnerability)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2659.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2659-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"libapache-mod-security on Debian Linux\";\ntag_insight = \"Mod_security is an Apache module whose purpose is to tighten the Web\napplication security. Effectively, it is an intrusion detection and prevention\nsystem for the web server.\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 2.5.12-1+squeeze2.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-apache package.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-apache package.\n\nWe recommend that you upgrade your libapache-mod-security packages.\";\ntag_summary = \"Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose purpose\nis to tighten the Web application security, is vulnerable to XML\nexternal entities attacks. A specially-crafted XML file provided by a\nremote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is Off \n\nby default. This will disable the ability of libxml2 to load external\nentities.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892659);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-1915\");\n script_name(\"Debian Security Advisory DSA 2659-1 (libapache-mod-security - XML external entity processing vulnerability)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-04-09 00:00:00 +0200 (Tue, 09 Apr 2013)\");\n script_tag(name: \"cvss_base\", value:\"7.5\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2659.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache-mod-security\", ver:\"2.5.12-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mod-security-common\", ver:\"2.5.12-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-security\", ver:\"2.6.6-6\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-modsecurity\", ver:\"2.6.6-6\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:52:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4528", "CVE-2013-1915"], "description": "Check for the Version of mod_security", "modified": "2017-07-10T00:00:00", "published": "2013-04-15T00:00:00", "id": "OPENVAS:865552", "href": "http://plugins.openvas.org/nasl.php?oid=865552", "type": "openvas", "title": "Fedora Update for mod_security FEDORA-2013-4834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_security FEDORA-2013-4834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mod_security on Fedora 17\";\ntag_insight = \"ModSecurity is an open source intrusion detection and prevention engine\n for web applications. It operates embedded into the web server, acting\n as a powerful umbrella - shielding web applications from attacks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865552);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-15 10:09:14 +0530 (Mon, 15 Apr 2013)\");\n script_cve_id(\"CVE-2012-4528\", \"CVE-2013-1915\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mod_security FEDORA-2013-4834\");\n\n script_xref(name: \"FEDORA\", value: \"2013-4834\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html\");\n script_summary(\"Check for the Version of mod_security\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_security\", rpm:\"mod_security~2.7.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4528", "CVE-2013-1915"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-15T00:00:00", "id": "OPENVAS:1361412562310865552", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865552", "type": "openvas", "title": "Fedora Update for mod_security FEDORA-2013-4834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_security FEDORA-2013-4834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865552\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-15 10:09:14 +0530 (Mon, 15 Apr 2013)\");\n script_cve_id(\"CVE-2012-4528\", \"CVE-2013-1915\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mod_security FEDORA-2013-4834\");\n script_xref(name:\"FEDORA\", value:\"2013-4834\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mod_security'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"mod_security on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_security\", rpm:\"mod_security~2.7.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:21:59", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1915"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2659-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nApril 09, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libapache-mod-security\nVulnerability : XML external entity processing vulnerability\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-1915\nDebian Bug : 704625\n\nTimur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose purpose\nis to tighten the Web application security, is vulnerable to XML\nexternal entities attacks. A specially-crafted XML file provided by a\nremote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is 'Off' by\ndefault. This will disable the ability of libxml2 to load external\nentities.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.5.12-1+squeeze2.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-apache package.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.6.6-6 of the modsecurity-package package.\n\nWe recommend that you upgrade your libapache-mod-security packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2013-04-10T18:11:40", "published": "2013-04-10T18:11:40", "id": "DEBIAN:DSA-2659-1:31E1E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00067.html", "title": "[SECURITY] [DSA 2659-1] libapache-mod-security security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-1915"], "description": "Local files access, resources exhausiton.", "edition": 1, "modified": "2013-04-15T00:00:00", "published": "2013-04-15T00:00:00", "id": "SECURITYVULNS:VULN:13009", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13009", "title": "Apache mod_security security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "cvelist": ["CVE-2013-1915"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2659-1 security@debian.org\r\nhttp://www.debian.org/security/ Salvatore Bonaccorso\r\nApril 09, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : libapache-mod-security\r\nVulnerability : XML external entity processing vulnerability\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-1915\r\nDebian Bug : 704625\r\n\r\nTimur Yunusov and Alexey Osipov from Positive Technologies discovered\r\nthat the XML files parser of ModSecurity, an Apache module whose purpose\r\nis to tighten the Web application security, is vulnerable to XML\r\nexternal entities attacks. A specially-crafted XML file provided by a\r\nremote attacker, could lead to local file disclosure or excessive\r\nresources (CPU, memory) consumption when processed.\r\n\r\nThis update introduces a SecXmlExternalEntity option which is 'Off' by\r\ndefault. This will disable the ability of libxml2 to load external\r\nentities.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 2.5.12-1+squeeze2.\r\n\r\nFor the testing distribution (wheezy), this problem has been fixed in\r\nversion 2.6.6-6 of the modsecurity-apache package.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 2.6.6-6 of the modsecurity-package package.\r\n\r\nWe recommend that you upgrade your libapache-mod-security packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJRZaYhAAoJEFb2GnlAHawEJcEH/jTa0h4YLeFM1Ethm17Xnspt\r\nkrXt5vaRbuj1QauO/dPLpnSWDUDIESB3sdL/vxxUbRhFWIbGg2aQHreWFPxONBnk\r\nKzqYXefKhbMjJFRBTKZfv/9j0f2fHHy5xfvZjYPeISpCQVqfiD3bzETY0Z9mvq19\r\nzbrgj9YXCIg6ZdnxF1Q3p0K3wx83uuUcFFk02PfYTtPO+hlzDjkNkq1vn2XKxlAc\r\nP1aWePly4Ii4DlFwnXaWGVzQiiosELd4aqQzZfqeRsSDbk+MBEwH9z/xyjrAsNOI\r\ns/Bvfk4Cxa0I6BqrIEqGcLPW0Gt3td9LdltGDSSD3SokpMUO7ANIrYHKHe+GKfA=\r\n=bgvz\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2013-04-15T00:00:00", "published": "2013-04-15T00:00:00", "id": "SECURITYVULNS:DOC:29252", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29252", "title": "[SECURITY] [DSA 2659-1] libapache-mod-security security update", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1915"], "description": "\nPositive Technologies has reported a vulnerability in ModSecurity,\n\t which can be exploited by malicious people to disclose potentially\n\t sensitive information or cause a DoS (Denial Of Serice).\nThe vulnerability is caused due to an error when parsing external\n\t XML entities and can be exploited to e.g. disclose local files or\n\t cause excessive memory and CPU consumption.\n\n.\n\n", "edition": 4, "modified": "2013-04-02T00:00:00", "published": "2013-04-02T00:00:00", "id": "2070C79A-8E1E-11E2-B34D-000C2957946C", "href": "https://vuxml.freebsd.org/freebsd/2070c79a-8e1e-11e2-b34d-000c2957946c.html", "title": "ModSecurity -- XML External Entity Processing Vulnerability", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1915"], "description": "ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. ", "modified": "2013-04-20T19:30:49", "published": "2013-04-20T19:30:49", "id": "FEDORA:35F052504D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: mod_security-2.7.3-1.fc19", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4528", "CVE-2013-1915"], "description": "ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. ", "modified": "2013-04-14T00:26:53", "published": "2013-04-14T00:26:53", "id": "FEDORA:12B0C234C4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: mod_security-2.7.3-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:40:27", "description": "Positive Technologies has reported a vulnerability in ModSecurity,\nwhich can be exploited by malicious people to disclose potentially\nsensitive information or cause a DoS (Denial Of Serice).\n\nThe vulnerability is caused due to an error when parsing external XML\nentities and can be exploited to e.g. disclose local files or cause\nexcessive memory and CPU consumption.\n\n.", "edition": 21, "published": "2013-04-17T00:00:00", "title": "FreeBSD : ModSecurity -- XML External Entity Processing Vulnerability (2070c79a-8e1e-11e2-b34d-000c2957946c)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-17T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2070C79A8E1E11E2B34D000C2957946C.NASL", "href": "https://www.tenable.com/plugins/nessus/65989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65989);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_xref(name:\"Secunia\", value:\"52847\");\n\n script_name(english:\"FreeBSD : ModSecurity -- XML External Entity Processing Vulnerability (2070c79a-8e1e-11e2-b34d-000c2957946c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Positive Technologies has reported a vulnerability in ModSecurity,\nwhich can be exploited by malicious people to disclose potentially\nsensitive information or cause a DoS (Denial Of Serice).\n\nThe vulnerability is caused due to an error when parsing external XML\nentities and can be exploited to e.g. disclose local files or cause\nexcessive memory and CPU consumption.\n\n.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.gentoo.org/show_bug.cgi?id=464188\"\n );\n # https://vuxml.freebsd.org/freebsd/2070c79a-8e1e-11e2-b34d-000c2957946c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a32c9e1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security>2.*<2.7.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:54:10", "description": "A vulnerability has been found and corrected in apache-mod_security :\n\nModSecurity before 2.7.3 allows remote attackers to read arbitrary\nfiles, send HTTP requests to intranet servers, or cause a denial of\nservice (CPU and memory consumption) via an XML external entity\ndeclaration in conjunction with an entity reference, aka an XML\nExternal Entity (XXE) vulnerability (CVE-2013-1915).\n\nThe updated packages have been patched to correct this issue.", "edition": 25, "published": "2013-04-30T00:00:00", "title": "Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:156)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-30T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:apache-mod_security", "p-cpe:/a:mandriva:linux:mlogc"], "id": "MANDRIVA_MDVSA-2013-156.NASL", "href": "https://www.tenable.com/plugins/nessus/66266", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:156. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66266);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n script_xref(name:\"MDVSA\", value:\"2013:156\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:156)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in apache-mod_security :\n\nModSecurity before 2.7.3 allows remote attackers to read arbitrary\nfiles, send HTTP requests to intranet servers, or cause a denial of\nservice (CPU and memory consumption) via an XML external entity\ndeclaration in conjunction with an entity reference, aka an XML\nExternal Entity (XXE) vulnerability (CVE-2013-1915).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-mod_security and / or mlogc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mlogc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_security-2.6.3-5.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"mlogc-2.6.3-5.2.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:47:37", "description": "According to its banner, the version of ModSecurity installed on the\nremote host is earlier than 2.7.3. It is, therefore, potentially\naffected by a file disclosure vulnerability. An improperly configured\nXML parser could allow untrusted XML entities from external sources to\nbe accepted, thus leading to possible arbitrary file disclosure.\n\nIt could also be possible for internal network servers to receive\nunauthorized requests. Denial of service conditions are also possible.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the version in the server's banner.", "edition": 25, "published": "2013-07-02T00:00:00", "title": "ModSecurity < 2.7.3 XML External Entity (XXE) Data Parsing Arbitrary File Disclosure", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:modsecurity:modsecurity"], "id": "MODSECURITY_2_7_3.NASL", "href": "https://www.tenable.com/plugins/nessus/67127", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67127);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n\n script_name(english:\"ModSecurity < 2.7.3 XML External Entity (XXE) Data Parsing Arbitrary File Disclosure\");\n script_summary(english:\"Checks version in Server response header\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application firewall may be affected by a file\ndisclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of ModSecurity installed on the\nremote host is earlier than 2.7.3. It is, therefore, potentially\naffected by a file disclosure vulnerability. An improperly configured\nXML parser could allow untrusted XML entities from external sources to\nbe accepted, thus leading to possible arbitrary file disclosure.\n\nIt could also be possible for internal network servers to receive\nunauthorized requests. Denial of service conditions are also possible.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the version in the server's banner.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/oss-sec/2013/q2/5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\");\n # https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?13229997\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to ModSecurity version 2.7.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:modsecurity:modsecurity\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"modsecurity_http_version.nasl\");\n script_require_keys(\"www/ModSecurity\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\n# Make sure this is ModSecurity\nget_kb_item_or_exit('www/'+port+'/modsecurity');\nversion = get_kb_item_or_exit('www/modsecurity/'+port+'/version', exit_code:1);\nbackported = get_kb_item_or_exit('www/modsecurity/'+port+'/backported', exit_code:1);\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"ModSecurity\");\n\nif (version == 'unknown') audit(AUDIT_UNKNOWN_WEB_SERVER_VER, \"ModSecurity\", port);\n\nfixed_ver = '2.7.3';\nif (\n version =~ \"^[01]\\.\" ||\n version =~ \"^2\\.([0-6]|7\\.[0-2])($|[^0-9])\"\n)\n{\n if (report_verbosity > 0)\n {\n source = get_kb_item_or_exit('www/modsecurity/'+port+'/source', exit_code:1);\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_ver + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"ModSecurity\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:49", "description": "Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-04-14T00:00:00", "title": "Fedora 17 : mod_security-2.7.3-1.fc17 (2013-4834)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:mod_security"], "id": "FEDORA_2013-4834.NASL", "href": "https://www.tenable.com/plugins/nessus/65962", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4834.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65962);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n script_xref(name:\"FEDORA\", value:\"2013-4834\");\n\n script_name(english:\"Fedora 17 : mod_security-2.7.3-1.fc17 (2013-4834)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=947842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?100c8bc4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_security package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"mod_security-2.7.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_security\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:49", "description": "Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-04-14T00:00:00", "title": "Fedora 18 : mod_security-2.7.3-1.fc18 (2013-4831)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:mod_security"], "id": "FEDORA_2013-4831.NASL", "href": "https://www.tenable.com/plugins/nessus/65961", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4831.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65961);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n script_xref(name:\"FEDORA\", value:\"2013-4831\");\n\n script_name(english:\"Fedora 18 : mod_security-2.7.3-1.fc18 (2013-4831)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=947842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?75b32461\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_security package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"mod_security-2.7.3-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_security\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:47:49", "description": "Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose\npurpose is to tighten the Web application security, is vulnerable to\nXML external entities attacks. A specially crafted XML file provided\nby a remote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is 'Off'by\ndefault. This will disable the ability of libxml2 to load external\nentities.", "edition": 17, "published": "2013-04-11T00:00:00", "title": "Debian DSA-2659-1 : libapache-mod-security - XML external entity processing vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-11T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libapache-mod-security"], "id": "DEBIAN_DSA-2659.NASL", "href": "https://www.tenable.com/plugins/nessus/65921", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2659. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65921);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n script_xref(name:\"DSA\", value:\"2659\");\n\n script_name(english:\"Debian DSA-2659-1 : libapache-mod-security - XML external entity processing vulnerability\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Timur Yunusov and Alexey Osipov from Positive Technologies discovered\nthat the XML files parser of ModSecurity, an Apache module whose\npurpose is to tighten the Web application security, is vulnerable to\nXML external entities attacks. A specially crafted XML file provided\nby a remote attacker, could lead to local file disclosure or excessive\nresources (CPU, memory) consumption when processed.\n\nThis update introduces a SecXmlExternalEntity option which is 'Off'by\ndefault. This will disable the ability of libxml2 to load external\nentities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libapache-mod-security\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2659\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libapache-mod-security packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.5.12-1+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache-mod-security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache-mod-security\", reference:\"2.5.12-1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mod-security-common\", reference:\"2.5.12-1+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:49", "description": "Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-04-22T00:00:00", "title": "Fedora 19 : mod_security-2.7.3-1.fc19 (2013-4908)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1915"], "modified": "2013-04-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:mod_security"], "id": "FEDORA_2013-4908.NASL", "href": "https://www.tenable.com/plugins/nessus/66162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4908.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66162);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1915\");\n script_bugtraq_id(58810);\n script_xref(name:\"FEDORA\", value:\"2013-4908\");\n\n script_name(english:\"Fedora 19 : mod_security-2.7.3-1.fc19 (2013-4908)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.7.3. Upstream changelog:\nhttps://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=947842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/102616.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?665c0da0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_security package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"mod_security-2.7.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_security\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T05:49:13", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ModSecurity before 2.6.6, when used with PHP, does not\n properly handle single quotes not at the beginning of a\n request parameter value in the Content-Disposition field\n of a request with a multipart/form-data Content-Type\n header, which allows remote attackers to bypass\n filtering rules and perform other attacks such as\n cross-site scripting (XSS) attacks. NOTE: this\n vulnerability exists because of an incomplete fix for\n CVE-2009-5031. (CVE-2012-2751)\n\n - ModSecurity before 2.7.3 allows remote attackers to read\n arbitrary files, send HTTP requests to intranet servers,\n or cause a denial of service (CPU and memory\n consumption) via an XML external entity declaration in\n conjunction with an entity reference, aka an XML\n External Entity (XXE) vulnerability. (CVE-2013-1915)", "edition": 23, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : modsecurity (cve_2012_2751_improper_input)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2751", "CVE-2009-5031", "CVE-2013-1915"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.2", "p-cpe:/a:oracle:solaris:modsecurity"], "id": "SOLARIS11_MODSECURITY_20140731.NASL", "href": "https://www.tenable.com/plugins/nessus/80704", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80704);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2012-2751\", \"CVE-2013-1915\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : modsecurity (cve_2012_2751_improper_input)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ModSecurity before 2.6.6, when used with PHP, does not\n properly handle single quotes not at the beginning of a\n request parameter value in the Content-Disposition field\n of a request with a multipart/form-data Content-Type\n header, which allows remote attackers to bypass\n filtering rules and perform other attacks such as\n cross-site scripting (XSS) attacks. NOTE: this\n vulnerability exists because of an incomplete fix for\n CVE-2009-5031. (CVE-2012-2751)\n\n - ModSecurity before 2.7.3 allows remote attackers to read\n arbitrary files, send HTTP requests to intranet servers,\n or cause a denial of service (CPU and memory\n consumption) via an XML external entity declaration in\n conjunction with an entity reference, aka an XML\n External Entity (XXE) vulnerability. (CVE-2013-1915)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2012-2751-improper-input-validation-vulnerability-in-modsecurity\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0491cdf3\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2013-1915-input-validation-vulnerability-in-modsecurity\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17cc9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:modsecurity\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^modsecurity$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"modsecurity\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.2.0.0.0.0\", sru:\"11.2 SRU 0\") > 0) flag++;\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n error_extra = 'Affected package : modsecurity\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"modsecurity\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-14T16:34:00", "description": " - complete overhaul of this package, with update to 2.7.5.\n\n - ruleset update to 2.2.8-0-g0f07cbb. \n\n - new configuration framework private to mod_security2:\n /etc/apache2/conf.d/mod_security2.conf loads\n /usr/share/apache2-mod_security2/rules/modsecurity_crs_1\n 0_setup.conf, then /etc/apache2/mod_security2.d/*.conf ,\n as set up based on advice in\n /etc/apache2/conf.d/mod_security2.conf Your\n configuration starting point is\n /etc/apache2/conf.d/mod_security2.conf\n\n - !!! Please note that mod_unique_id is needed for\n mod_security2 to run!\n\n - modsecurity-apache_2.7.5-build_fix_pcre.diff changes\n erroneaous linker parameter, preventing rpath in shared\n object.\n\n - fixes contained for the following bugs :\n\n - CVE-2009-5031, CVE-2012-2751 [bnc#768293] request\n parameter handling\n\n - [bnc#768293] multi-part bypass, minor threat\n\n - CVE-2013-1915 [bnc#813190] XML external entity\n vulnerability\n\n - CVE-2012-4528 [bnc#789393] rule bypass\n\n - CVE-2013-2765 [bnc#822664] NULL pointer dereference\n crash\n\n - new from 2.5.9 to 2.7.5, only major changes :\n\n - GPLv2 replaced by Apache License v2\n\n - rules are not part of the source tarball any longer, but\n maintaned upstream externally, and included in this\n package.\n\n - documentation was externalized to a wiki. Package\n contains the FAQ and the reference manual in html form.\n\n - renamed the term 'Encryption' in directives that\n actually refer to hashes. See CHANGES file for more\n details.\n\n - new directive SecXmlExternalEntity, default off\n\n - byte conversion issues on s390x when logging fixed.\n\n - many small issues fixed that were discovered by a\n Coverity scanner\n\n - updated reference manual\n\n - wrong time calculation when logging for some timezones\n fixed.\n\n - replaced time-measuring mechanism with finer granularity\n for measured request/answer phases. (Stopwatch remains\n for compat.)\n\n - cookie parser memory leak fix\n\n - parsing of quoted strings in multipart\n Content-Disposition headers fixed.\n\n - SDBM deadlock fix\n\n - @rsub memory leak fix\n\n - cookie separator code improvements\n\n - build failure fixes\n\n - compile time option --enable-htaccess-config (set)", "edition": 20, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1336-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2751", "CVE-2009-5031", "CVE-2012-4528", "CVE-2013-2765", "CVE-2013-1915"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_security2-debugsource", "p-cpe:/a:novell:opensuse:apache2-mod_security2-debuginfo", "p-cpe:/a:novell:opensuse:apache2-mod_security2", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-640.NASL", "href": "https://www.tenable.com/plugins/nessus/75112", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-640.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75112);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2009-5031\", \"CVE-2012-2751\", \"CVE-2012-4528\", \"CVE-2013-1915\", \"CVE-2013-2765\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1336-1)\");\n script_summary(english:\"Check for the openSUSE-2013-640 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - complete overhaul of this package, with update to 2.7.5.\n\n - ruleset update to 2.2.8-0-g0f07cbb. \n\n - new configuration framework private to mod_security2:\n /etc/apache2/conf.d/mod_security2.conf loads\n /usr/share/apache2-mod_security2/rules/modsecurity_crs_1\n 0_setup.conf, then /etc/apache2/mod_security2.d/*.conf ,\n as set up based on advice in\n /etc/apache2/conf.d/mod_security2.conf Your\n configuration starting point is\n /etc/apache2/conf.d/mod_security2.conf\n\n - !!! Please note that mod_unique_id is needed for\n mod_security2 to run!\n\n - modsecurity-apache_2.7.5-build_fix_pcre.diff changes\n erroneaous linker parameter, preventing rpath in shared\n object.\n\n - fixes contained for the following bugs :\n\n - CVE-2009-5031, CVE-2012-2751 [bnc#768293] request\n parameter handling\n\n - [bnc#768293] multi-part bypass, minor threat\n\n - CVE-2013-1915 [bnc#813190] XML external entity\n vulnerability\n\n - CVE-2012-4528 [bnc#789393] rule bypass\n\n - CVE-2013-2765 [bnc#822664] NULL pointer dereference\n crash\n\n - new from 2.5.9 to 2.7.5, only major changes :\n\n - GPLv2 replaced by Apache License v2\n\n - rules are not part of the source tarball any longer, but\n maintaned upstream externally, and included in this\n package.\n\n - documentation was externalized to a wiki. Package\n contains the FAQ and the reference manual in html form.\n\n - renamed the term 'Encryption' in directives that\n actually refer to hashes. See CHANGES file for more\n details.\n\n - new directive SecXmlExternalEntity, default off\n\n - byte conversion issues on s390x when logging fixed.\n\n - many small issues fixed that were discovered by a\n Coverity scanner\n\n - updated reference manual\n\n - wrong time calculation when logging for some timezones\n fixed.\n\n - replaced time-measuring mechanism with finer granularity\n for measured request/answer phases. (Stopwatch remains\n for compat.)\n\n - cookie parser memory leak fix\n\n - parsing of quoted strings in multipart\n Content-Disposition headers fixed.\n\n - SDBM deadlock fix\n\n - @rsub memory leak fix\n\n - cookie separator code improvements\n\n - build failure fixes\n\n - compile time option --enable-htaccess-config (set)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=768293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=813190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_security2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-mod_security2-2.7.5-14.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-mod_security2-debuginfo-2.7.5-14.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-mod_security2-debugsource-2.7.5-14.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_security2 / apache2-mod_security2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-14T16:34:00", "description": " - complete overhaul of this package, with update to 2.7.5.\n\n - ruleset update to 2.2.8-0-g0f07cbb.\n\n - new configuration framework private to mod_security2:\n /etc/apache2/conf.d/mod_security2.conf loads\n /usr/share/apache2-mod_security2/rules/modsecurity_crs_1\n 0_setup.conf, then /etc/apache2/mod_security2.d/*.conf ,\n as set up based on advice in\n /etc/apache2/conf.d/mod_security2.conf Your\n configuration starting point is\n /etc/apache2/conf.d/mod_security2.conf\n\n - !!! Please note that mod_unique_id is needed for\n mod_security2 to run!\n\n - modsecurity-apache_2.7.5-build_fix_pcre.diff changes\n erroneaous linker parameter, preventing rpath in shared\n object.\n\n - fixes contained for the following bugs :\n\n - CVE-2009-5031, CVE-2012-2751 [bnc#768293] request\n parameter handling\n\n - [bnc#768293] multi-part bypass, minor threat\n\n - CVE-2013-1915 [bnc#813190] XML external entity\n vulnerability\n\n - CVE-2012-4528 [bnc#789393] rule bypass\n\n - CVE-2013-2765 [bnc#822664] NULL pointer dereference\n crash\n\n - new from 2.5.9 to 2.7.5, only major changes :\n\n - GPLv2 replaced by Apache License v2\n\n - rules are not part of the source tarball any longer, but\n maintaned upstream externally, and included in this\n package.\n\n - documentation was externalized to a wiki. Package\n contains the FAQ and the reference manual in html form.\n\n - renamed the term 'Encryption' in directives that\n actually refer to hashes. See CHANGES file for more\n details.\n\n - new directive SecXmlExternalEntity, default off\n\n - byte conversion issues on s390x when logging fixed.\n\n - many small issues fixed that were discovered by a\n Coverity scanner\n\n - updated reference manual\n\n - wrong time calculation when logging for some timezones\n fixed.\n\n - replaced time-measuring mechanism with finer granularity\n for measured request/answer phases. (Stopwatch remains\n for compat.)\n\n - cookie parser memory leak fix\n\n - parsing of quoted strings in multipart\n Content-Disposition headers fixed.\n\n - SDBM deadlock fix\n\n - @rsub memory leak fix\n\n - cookie separator code improvements\n\n - build failure fixes\n\n - compile time option --enable-htaccess-config (set)", "edition": 20, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1331-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2751", "CVE-2009-5031", "CVE-2012-4528", "CVE-2013-2765", "CVE-2013-1915"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_security2-debugsource", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:apache2-mod_security2-debuginfo", "p-cpe:/a:novell:opensuse:apache2-mod_security2"], "id": "OPENSUSE-2013-641.NASL", "href": "https://www.tenable.com/plugins/nessus/75113", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-641.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75113);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2009-5031\", \"CVE-2012-2751\", \"CVE-2012-4528\", \"CVE-2013-1915\", \"CVE-2013-2765\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1331-1)\");\n script_summary(english:\"Check for the openSUSE-2013-641 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - complete overhaul of this package, with update to 2.7.5.\n\n - ruleset update to 2.2.8-0-g0f07cbb.\n\n - new configuration framework private to mod_security2:\n /etc/apache2/conf.d/mod_security2.conf loads\n /usr/share/apache2-mod_security2/rules/modsecurity_crs_1\n 0_setup.conf, then /etc/apache2/mod_security2.d/*.conf ,\n as set up based on advice in\n /etc/apache2/conf.d/mod_security2.conf Your\n configuration starting point is\n /etc/apache2/conf.d/mod_security2.conf\n\n - !!! Please note that mod_unique_id is needed for\n mod_security2 to run!\n\n - modsecurity-apache_2.7.5-build_fix_pcre.diff changes\n erroneaous linker parameter, preventing rpath in shared\n object.\n\n - fixes contained for the following bugs :\n\n - CVE-2009-5031, CVE-2012-2751 [bnc#768293] request\n parameter handling\n\n - [bnc#768293] multi-part bypass, minor threat\n\n - CVE-2013-1915 [bnc#813190] XML external entity\n vulnerability\n\n - CVE-2012-4528 [bnc#789393] rule bypass\n\n - CVE-2013-2765 [bnc#822664] NULL pointer dereference\n crash\n\n - new from 2.5.9 to 2.7.5, only major changes :\n\n - GPLv2 replaced by Apache License v2\n\n - rules are not part of the source tarball any longer, but\n maintaned upstream externally, and included in this\n package.\n\n - documentation was externalized to a wiki. Package\n contains the FAQ and the reference manual in html form.\n\n - renamed the term 'Encryption' in directives that\n actually refer to hashes. See CHANGES file for more\n details.\n\n - new directive SecXmlExternalEntity, default off\n\n - byte conversion issues on s390x when logging fixed.\n\n - many small issues fixed that were discovered by a\n Coverity scanner\n\n - updated reference manual\n\n - wrong time calculation when logging for some timezones\n fixed.\n\n - replaced time-measuring mechanism with finer granularity\n for measured request/answer phases. (Stopwatch remains\n for compat.)\n\n - cookie parser memory leak fix\n\n - parsing of quoted strings in multipart\n Content-Disposition headers fixed.\n\n - SDBM deadlock fix\n\n - @rsub memory leak fix\n\n - cookie separator code improvements\n\n - build failure fixes\n\n - compile time option --enable-htaccess-config (set)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=768293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=813190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_security2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_security2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_security2-2.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_security2-debuginfo-2.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_security2-debugsource-2.7.5-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_security2 / apache2-mod_security2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
