Lucene search
Gentoo FoundationMGASA-2014-0180HistoryApr 18, 2014 - 12:26 a.m.
Updated apache-mod_security packages fix security vulnerability
2014-04-1800:26:15
Gentoo Foundation
advisories.mageia.org
11
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.7%
Updated apache-mod_security packages fix security vulnerability: Martin Holst Swende discovered a flaw in the way mod_security handled chunked requests. A remote attacker could use this flaw to bypass intended mod_security restrictions, allowing them to send requests containing content that should have been removed by mod_security (CVE-2013-5705).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | apache-mod_security | < 2.7.4-1.1 | apache-mod_security-2.7.4-1.1.mga3 |
| Mageia | 4 | noarch | apache-mod_security | < 2.7.5-2.1 | apache-mod_security-2.7.5-2.1.mga4 |
Related
nessus
nessus
ModSecurity < 2.7.6 Chunked Header Filter Bypass
2014-05-12 00:00:00
openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2014:1047-1)
2014-08-21 00:00:00
Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2015:106)
2015-03-30 00:00:00
ubuntucve
ubuntucve
CVE-2013-5705
2014-04-15 00:00:00
cve
cve
CVE-2013-5705
2014-04-15 10:55:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0972-1)
2021-06-09 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-335)
2015-09-08 00:00:00
Fedora Update for mod_security FEDORA-2014-4720
2014-04-15 00:00:00
securityvulns
securityvulns
Apache mod_security protection bypass
2014-05-10 00:00:00
[ MDVSA-2014:081 ] apache-mod_security
2014-05-10 00:00:00
prion
prion
Authentication flaw
2014-04-15 10:55:00
debian
debian
[SECURITY] [DSA 2991-1] modsecurity-apache security update
2014-07-27 17:54:18
[DLA 34-1] libapache-mod-security security update
2014-08-09 14:01:56
[SECURITY] [DSA 2991-1] modsecurity-apache security update
2014-07-27 17:53:46
seebug
seebug
ModSecurity HTTP请求分块编码安全限制绕过漏洞
2014-04-02 00:00:00
osv
osv
modsecurity-apache - security update
2014-07-27 00:00:00
debiancve
debiancve
CVE-2013-5705
2014-04-15 10:55:00
amazon
amazon
Medium: mod_security
2014-05-06 22:19:00
Medium: mod24_security
2014-05-06 22:19:00
fedora
fedora
[SECURITY] Fedora 19 Update: mod_security-2.7.5-3.fc19
2014-04-14 22:33:53
[SECURITY] Fedora 20 Update: mod_security-2.7.5-3.fc20
2014-04-14 22:41:25
checkpoint_advisories
checkpoint_advisories
suse
suse
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.7%
Related for MGASA-2014-0180