CVE-2012-4528

Severity

50%

Complexity

99%

Confidentiality

48%

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N).

Overview

Type

ModSecurity

First reported 12 years ago

2012-12-28 11:48:00

Last updated 11 years ago

2013-11-25 04:28:00

Affected Software

ModSecurity 2.0.0

2.0.0

ModSecurity 2.0.1

2.0.1

ModSecurity 2.0.2

2.0.2

ModSecurity 2.0.3

2.0.3

ModSecurity 2.0.4

2.0.4

ModSecurity 2.1.0

2.1.0

ModSecurity 2.1.1

2.1.1

ModSecurity 2.1.2

2.1.2

ModSecurity 2.1.3

2.1.3

ModSecurity 2.1.4

2.1.4

ModSecurity 2.1.5

2.1.5

ModSecurity 2.1.6

2.1.6

ModSecurity 2.5.0

2.5.0

ModSecurity 2.5.1

2.5.1

ModSecurity 2.5.2

2.5.2

ModSecurity 2.5.3

2.5.3

ModSecurity 2.5.4

2.5.4

ModSecurity 2.5.5

2.5.5

ModSecurity 2.5.6

2.5.6

ModSecurity 2.5.7

2.5.7

ModSecurity 2.5.8

2.5.8

ModSecurity 2.5.9

2.5.9

ModSecurity 2.5.10

2.5.10

ModSecurity 2.5.11

2.5.11

ModSecurity 2.5.12

2.5.12

ModSecurity 2.5.13-dev1

2.5.13

ModSecurity 2.6.0

2.6.0

ModSecurity 2.6.0 Release Candidate 1

2.6.0

ModSecurity 2.6.1

2.6.1

ModSecurity 2.6.1 Release Candidate 1

2.6.1

ModSecurity 2.6.2

2.6.2

ModSecurity 2.6.2 Release Candidate 1

2.6.2

ModSecurity 2.6.3

2.6.3

ModSecurity 2.6.3 Release Candidate 1

2.6.3

ModSecurity 2.6.4

2.6.4

ModSecurity 2.6.4 Release Candidate 1

2.6.4

ModSecurity 2.6.5

2.6.5

ModSecurity 2.6.7

2.6.7

ModSecurity 2.6.8

2.6.8

References

FEDORA-2012-18278

openSUSE-SU-2013:1331

openSUSE-SU-2013:1336

openSUSE-SU-2013:1342

http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES

http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081

Patch

http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=revision&sortby=date&revision=2081

20121017 SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass

Exploit

[oss-security] 20121018 Re: CVE request: Fwd: [Full-disclosure] SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.