Lucene search
K

8 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/12 12:0 a.m.256 views

mod_security &lt;= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/09 12:0 a.m.19 views

Mod_Security ASCIIZ字节绕过安全限制漏洞

modsecurity是经常与PHP结合使用的Web应用防火墙。 modsecurity在处理特定的HTTP数据时存在漏洞,远程攻击者可能利用此漏洞绕过某些安全限制。 在接收到请求后modsecurity会将其解析成为Web应用参数。由于解析入站数据的方式遵循RFC中所定义的规则而不一定是Perl、Python、Java或PHP中的HTTP请求解析器所兼容的方式,因此如果RFC与实际实现方式不匹配时可能存在一些限制绕过漏洞。...

7.1AI score
Exploits0
Prion
Prion
added 2007/03/08 10:19 p.m.17 views

Design/Logic Flaw

Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...

6.8CVSS6.9AI score0.06616EPSS
Exploits1References15Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/08 10:19 p.m.23 views

CVE-2007-1359

Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...

6.8CVSS6AI score0.06616EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2007/03/07 12:0 a.m.40 views

mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass

modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary @postdata -A Harmle...

7AI score
Exploits0
0day.today
0day.today
added 2007/03/07 12:0 a.m.92 views

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

Exploit for multiple platform in category remote exploits =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/07 12:0 a.m.12 views

mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass

modsecurity 2.1.0 - ASCIIZ byte POST Rules Bypass modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary...

7.4AI score
Exploits0
Rows per page
Query Builder