Test Kennung:	1.3.6.1.4.1.25623.1.0.900414
Kategorie:	Web Servers
Titel:	ModSecurity 'SecCacheTransformations' Security Bypass Vulnerability
Zusammenfassung:	ModSecurity is prone to a security bypass vulnerability.
Beschreibung:	Summary: ModSecurity is prone to a security bypass vulnerability. Vulnerability Insight: This flaw is due an error within the transformation caching which can cause evasion into ModSecurity. These can be exploited when SecCacheTransformations is enabled. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary codes in the context of the web application and bypass certain security restrictions. Affected Software/OS: ModSecurity version from 2.5.0 to 2.5.5 on Linux. Solution: Upgrade to version 2.5.6 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5676 http://secunia.com/advisories/32146 http://www.vupen.com/english/advisories/2008/2795 XForce ISS Database: modsecurity-sct-security-bypass(45770) https://exchange.xforce.ibmcloud.com/vulnerabilities/45770
Copyright	Copyright (C) 2008 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.