8 matches found
mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability
No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...
mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability
No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...
Mod_Security ASCIIZ字节绕过安全限制漏洞
modsecurity是经常与PHP结合使用的Web应用防火墙。 modsecurity在处理特定的HTTP数据时存在漏洞,远程攻击者可能利用此漏洞绕过某些安全限制。 在接收到请求后modsecurity会将其解析成为Web应用参数。由于解析入站数据的方式遵循RFC中所定义的规则而不一定是Perl、Python、Java或PHP中的HTTP请求解析器所兼容的方式,因此如果RFC与实际实现方式不匹配时可能存在一些限制绕过漏洞。...
Design/Logic Flaw
Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...
CVE-2007-1359
Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...
mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass
modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary @postdata -A Harmle...
mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability
Exploit for multiple platform in category remote exploits =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST...
mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass
modsecurity 2.1.0 - ASCIIZ byte POST Rules Bypass modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary...