Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 5.0
CVE Id CVE-2012-4528
Last Modified 24 Nov 2013 11:28:05
Published 28 Dec 2012 06:48:44
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4528

Summary

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

Vulnerable Systems

Application

  • Modsecurity 2.0.0

  • Modsecurity 2.0.1

  • Modsecurity 2.0.2

  • Modsecurity 2.0.3

  • Modsecurity 2.0.4

  • Modsecurity 2.1.0

  • Modsecurity 2.1.1

  • Modsecurity 2.1.2

  • Modsecurity 2.1.3

  • Modsecurity 2.1.4

  • Modsecurity 2.1.5

  • Modsecurity 2.1.6

  • Modsecurity 2.5.0

  • Modsecurity 2.5.1

  • Modsecurity 2.5.10

  • Modsecurity 2.5.11

  • Modsecurity 2.5.12

  • Modsecurity 2.5.13

  • Modsecurity 2.5.2

  • Modsecurity 2.5.3

  • Modsecurity 2.5.4

  • Modsecurity 2.5.5

  • Modsecurity 2.5.6

  • Modsecurity 2.5.7

  • Modsecurity 2.5.8

  • Modsecurity 2.5.9

  • Modsecurity 2.6.0

  • Modsecurity 2.6.1

  • Modsecurity 2.6.2

  • Modsecurity 2.6.3

  • Modsecurity 2.6.4

  • Modsecurity 2.6.5

  • Modsecurity 2.6.7

  • Modsecurity 2.6.8

  • Modsecurity 2.7.0

  • Modsecurity Mod Security2 2.0.0

  • Modsecurity Mod Security2 2.0.1

  • Modsecurity Mod Security2 2.0.2

  • Modsecurity Mod Security2 2.0.3

  • Modsecurity Mod Security2 2.0.4

  • Modsecurity Mod Security2 2.1.0

  • Modsecurity Mod Security2 2.1.1

  • Modsecurity Mod Security2 2.1.2

  • Modsecurity Mod Security2 2.1.3

  • Modsecurity Mod Security2 2.1.4

  • Modsecurity Mod Security2 2.1.5

  • Modsecurity Mod Security2 2.1.6

  • Modsecurity Mod Security2 2.1.7

  • Modsecurity Mod Security2 2.5.0

  • Modsecurity Mod Security2 2.5.1

  • Modsecurity Mod Security2 2.5.10

  • Modsecurity Mod Security2 2.5.11

  • Modsecurity Mod Security2 2.5.12

  • Modsecurity Mod Security2 2.5.13

  • Modsecurity Mod Security2 2.5.2

  • Modsecurity Mod Security2 2.5.3

  • Modsecurity Mod Security2 2.5.4

  • Modsecurity Mod Security2 2.5.5

  • Modsecurity Mod Security2 2.5.6

  • Modsecurity Mod Security2 2.5.7

  • Modsecurity Mod Security2 2.5.8

  • Modsecurity Mod Security2 2.5.9

  • Modsecurity Mod Security2 2.6.0

  • Modsecurity Mod Security2 2.6.1

  • Modsecurity Mod Security2 2.6.2

  • Modsecurity Mod Security2 2.6.3

  • Modsecurity Mod Security2 2.6.4

  • Modsecurity Mod Security2 2.6.5

  • Modsecurity Mod Security2 2.6.6

  • Modsecurity Mod Security2 2.6.7

  • Modsecurity Mod Security2 2.6.8

  • Modsecurity Mod Security2 2.7.0


References

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081

MISC - https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt

MLIST - [oss-security] 20121018 Re: CVE request: Fwd: [Full-disclosure] SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass

FULLDISC - 20121017 SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=revision&sortby=date&revision=2081

CONFIRM - http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES

SUSE - openSUSE-SU-2013:1342

SUSE - openSUSE-SU-2013:1336

SUSE - openSUSE-SU-2013:1331

FEDORA - FEDORA-2012-18278


Last Updated: 27 May 2016 11:01:34