Vigil@nce: ModSecurity, denials of service
February 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can generate several denials of service in the
ModSecurity module for Apache httpd.
Severity: 2/4
Consequences: denial of service
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 4
Creation date: 08/02/2010
IMPACTED PRODUCTS
– Apache httpd
– Unix - platform
DESCRIPTION OF THE VULNERABILITY
The ModSecurity module can be installed on Apache httpd, in order
to filter requests. It is impacted by several vulnerabilities.
An attacker can use a complex URL, in order to force the regular
expression engine to consume excessive resources. [grav:2/4]
ModSecurity does not detect a complex path that escapes the root
directory. [grav:2/4]
Some MIME multipart separators are not correctly analyzed.
[grav:2/4]
An attacker can use a malformed cookie, in order to trigger a
memory leak during its analysis. [grav:2/4]
A remote attacker can therefore generate a denial of service on
ModSecurity.
CHARACTERISTICS
Identifiers: BID-38156, VIGILANCE-VUL-9411
http://vigilance.fr/vulnerability/ModSecurity-denials-of-service-9411