CVE-2004-1765

Off-by-one buffer overflow in ModSecurity modsecurity 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests...

CVE-2002-1135

The CVE targets modsecurity.php 1.10 and earlier and phpWebSite 0.8.2 and earlier, where an inc_prefix parameter can point to malicious code, allowing remote PHP code execution. The issue is described with an attack vector over the network, with no authentication, and results in partial confident...

FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (113)

The following package needs to be updated: modsecurity %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc2e1036877ab11d8b9e800e04ccb0a62.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

[Full-Disclosure] ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow

S-Quadra Advisory 2004-03-15 Topic: ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow Severity: Average Vendor URL: http://www.modsecurity.org Advisory URL: http://www.s-quadra.com/advisories/Adv-20040315.txt Release date: 15 Mar 2004 1. DESCRIPTION ModSecurity is an open source intrusi...

ModSecurity for Apache 2.x remote off-by-one overflow

When the directive "SecFilterScanPost" is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow...