Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 4.3
CVE Id: CVE-2012-2751
Last Modified: 10 Oct 2013 11:43:56
Published: 22 Jul 2012 12:55:27
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2012-2751

Summary

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.

Vulnerable Systems

Application

  • Modsecurity 2.0.0

  • Modsecurity 2.0.1

  • Modsecurity 2.0.2

  • Modsecurity 2.0.3

  • Modsecurity 2.0.4

  • Modsecurity 2.1.0

  • Modsecurity 2.1.1

  • Modsecurity 2.1.2

  • Modsecurity 2.1.3

  • Modsecurity 2.1.4

  • Modsecurity 2.1.5

  • Modsecurity 2.1.6

  • Modsecurity 2.5.0

  • Modsecurity 2.5.1

  • Modsecurity 2.5.10

  • Modsecurity 2.5.11

  • Modsecurity 2.5.12

  • Modsecurity 2.5.13

  • Modsecurity 2.5.2

  • Modsecurity 2.5.3

  • Modsecurity 2.5.4

  • Modsecurity 2.5.5

  • Modsecurity 2.5.6

  • Modsecurity 2.5.7

  • Modsecurity 2.5.8

  • Modsecurity 2.5.9

  • Modsecurity 2.6.0

  • Modsecurity 2.6.1

  • Modsecurity 2.6.2

  • Modsecurity 2.6.3

  • Modsecurity 2.6.4

  • Modsecurity 2.6.5


References

BID - 54156

MLIST - [oss-security] 20120621 Re: mod_security CVE request

MLIST - [oss-security] 20120621 mod_security CVE request

DEBIAN - DSA-2506

SECUNIA - 49782

SECUNIA - 49576

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES

MISC - http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html

MANDRIVA - MDVSA-2012:118

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

SUSE - openSUSE-SU-2013:1342

SUSE - openSUSE-SU-2013:1336

SUSE - openSUSE-SU-2013:1331

MANDRIVA - MDVSA-2013:150


Last Updated: 27 May 2016 10:54:56