Mageia: Security Advisory (MGASA-2014-0180)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2021-0576)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

mod_security bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALEA-2021:1833 mod_security bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

mod_security bug fix and enhancement update

An update is available for modsecurity. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Mod_Security <= 3.0 Bypass XSS Payload Vulnerability

ModSecxurity = 3.0 XSS payload. This is private exploit. You can buy it at https://0day.today...

runAV mod_security Remote Command Execution

Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...

runAV mod_security - Arbitrary Command Execution

runAV modsecurity - Arbitrary Command Execution Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...

runAV mod_security - Arbitrary Command Execution

Exploit for linux platform in category local exploits Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...

runAV mod_security - Arbitrary Command Execution

Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...

Amazon Linux: Security Advisory (ALAS-2014-335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A serious Wordpress 0 day exploit reverse engineering analysis-vulnerability warning-the black bar safety net

In just the past weekend,I got from my modsecurity logs found an interesting warning,logging a submit to my Wordpress site with one network request. Although this request did not succeed,but I decided to be an in-depth study,and trying to figure out this request information in the end is what,it...

SOPHOS WAF JSON Filter Bypass

SECURITYLABS INTELLIGENT RESEARCH - SECURITY ADVISORY http://www.securitylabs.com.br/ ADVISORY/0115 - SOPHOS WAF WEBSERVER PROTECTION DOES NOT ANALYZE JSON DATA PRIORITY: MEDIUM TYPE: WAF Bypass 1 - About SecurityLabs Intelligent Research ----------------------------------------------- SecurityLa...

Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2015:106)

Updated apache-modsecurity packages fix security vulnerability : Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing content that should...

Debian DLA-34-1 : libapache-mod-security security update

Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing content that should have been removed by modsecurity. NOTE: Tenable Network Security...

Amazon Linux AMI : mod_security (ALAS-2014-335)

apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

The latest Bash vulnerability patch Junior programme-vulnerability warning-the black bar safety net

Bash broke the remote parsing command execution vulnerability, CVE-2 0 1 4-6 2 7 1, the spread of major Linux distributions and MacOSX systems. Vulnerability can be directly in the Bash support the Web CGI environment remote execution of arbitrary commands. bash is injected after the public...

[DLA 34-1] libapache-mod-security security update

Package : libapache-mod-security Version : 2.5.12-1+squeeze4 CVE ID : CVE-2013-5705 Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing...

DLA-34-1 libapache-mod-security - security update

Bulletin has no description...

Debian Security Advisory DSA 2991-1 (modsecurity-apache - security update)

Martin Holst Swende discovered a flaw in the way chunked requests are handled in ModSecurity, an Apache module whose purpose is to tighten the Web application security. A remote attacker could use this flaw to bypass intended modsecurity restrictions by using chunked transfer coding with a...