www/mod_security -- NULL pointer dereference DoS

2013-05-27T00:00:00
ID 9DFB63B8-8F36-11E2-B34D-000C2957946C
Type freebsd
Reporter FreeBSD
Modified 2013-05-27T00:00:00

Description

SecurityFocus reports:

When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable".