oss-sec mailing list archives
[Notification] CVE-2013-2765 mod_security: NULL pointer dereference (DoS, crash) when forceRequestBodyVariable action triggered and unknown Content-Type was used
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Tue, 28 May 2013 06:14:32 -0400 (EDT)
Hello Steve, vendors,

as brought to me by Athmane, ModSecurity upstream has released v2.7.4 version:
[1] http://sourceforge.net/mailarchive/message.php?msg_id=30900019

correcting one security NULL pointer dereference flaw (CVE-2013-2765) - from [2]:

* Fixed Remote Null Pointer DeReference (CVE-2013-2765). When
  forceRequestBodyVariable action is triggered and an unknown
  Content-Type is used, mod_security will crash trying to manipulate
  msr->msc_reqbody_chunks->elts however msr->msc_reqbody_chunks is NULL.
  (Thanks Younes JAAIDI).

References:
[2] https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES
[3] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2765

Relevant upstream patch (seems to be the following):
[4] https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

P.S.: Thanks goes to Athmane for bringing this to our attention.
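To illustrate the defect the changelog entry describes, here is an added C example that is not ModSecurity's code or the upstream patch: a constructed model of msr->msc_reqbody_chunks in which an unknown Content-Type leaves the chunk array NULL, with the unchecked dereference beside the checked form. The names model_process_body, reqbody_length_vulnerable, reqbody_length_fixed, demo_fixed and the struct types are hypothetical.

```c
#include <string.h>

/* Constructed stand-ins for the identifiers in the advisory; not ModSecurity's own structures. */
typedef struct { const char *data; size_t length; } body_chunk;
typedef struct { int nelts; body_chunk *elts; } chunk_array;          /* like apr_array_header_t */
typedef struct { chunk_array *msc_reqbody_chunks; } modsec_rec_model;  /* like msr */

/* Models the body-processor step: a recognised Content-Type buffers the body as one chunk;
 * an unknown one leaves msc_reqbody_chunks NULL, the state the advisory describes. */
static void model_process_body(modsec_rec_model *msr, const char *content_type, const char *body)
{
    static body_chunk chunk;                       /* static storage stands in for the pool */
    static chunk_array chunks = { 1, &chunk };
    if (content_type == NULL || strcmp(content_type, "application/x-www-form-urlencoded") != 0) {
        msr->msc_reqbody_chunks = NULL;            /* unknown type: nothing buffered */
        return;
    }
    chunk.data = body;
    chunk.length = strlen(body);
    msr->msc_reqbody_chunks = &chunks;
}

/* Vulnerable shape: reaches through msc_reqbody_chunks->elts without checking that the
 * array exists; with the NULL state above this is the reported crash. */
static long reqbody_length_vulnerable(const modsec_rec_model *msr)
{
    long total = 0;
    for (int i = 0; i < msr->msc_reqbody_chunks->nelts; i++)
        total += (long)msr->msc_reqbody_chunks->elts[i].length;
    return total;
}

/* Hardened shape: an absent chunk array is reported as -1 instead of being dereferenced. */
static long reqbody_length_fixed(const modsec_rec_model *msr)
{
    if (msr->msc_reqbody_chunks == NULL || msr->msc_reqbody_chunks->elts == NULL)
        return -1;
    return reqbody_length_vulnerable(msr);        /* safe once the array is known to exist */
}

/* Constructed request: the given Content-Type with an 8-byte body, run through the fixed path. */
static long demo_fixed(const char *content_type)
{
    modsec_rec_model msr;
    model_process_body(&msr, content_type, "a=1&b=22");
    return reqbody_length_fixed(&msr);            /* 8 for the known type, -1 for an unknown one */
}
```

Calling reqbody_length_vulnerable on the unknown-type request reproduces the crash class (a read through a NULL pointer), which is why only the fixed path is exercised for that case.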