mod_security Server Output Overflow

2003-10-29T05:36:58
ID OSVDB:2725
Type osvdb
Reporter OSVDB
Modified 2003-10-29T05:36:58

Description

Vulnerability Description

A remote overflow exists in mod_security Apache module for Apache version 2. The sec_filter_out() function of mod_security fails to perform proper bounds checking on data transfered from server-side scripts, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execute arbitrary code on the server resulting in a loss of confidentiality, integrity, and/or availability.

Technical Description

This flaw is only present in the mod_security Apache 2 module

Solution Description

Upgrade to version 1.7.2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Turn off filtering by editing your httpd.conf file and setting "SecFilterScanOutput" to "Off"

Short Description

A remote overflow exists in mod_security Apache module for Apache version 2. The sec_filter_out() function of mod_security fails to perform proper bounds checking on data transfered from server-side scripts, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execute arbitrary code on the server resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor URL: http://www.modsecurity.org/ Secunia Advisory ID:10085 Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2003-10/0293.html ISS X-Force ID: 13543 Bugtraq ID: 8919