|Title:||ModSecurity 'SecCacheTransformations' Security Bypass Vulnerability|
|Summary:||Check for the version of ModSecurity|
Overview: This host is running ModSecurity and is prone to Security Bypass
This flaw is due an error within the transformation caching which can cause
evasion into ModSecurity. These can be exploited when SecCacheTransformations
Successful exploitation will allow attacker to execute arbitrary codes in
the context of the web application and bypass certain security restrictions.
ModSecurity version from 2.5.0 to 2.5.5 on Linux.
Upgrade to version 2.5.6 or later.
BugTraq ID: 31672|
Common Vulnerability Exposure (CVE) ID: CVE-2008-5676
XForce ISS Database: modsecurity-sct-security-bypass(45770)
|Copyright||Copyright (C) 2008 SecPod|
|This is only one of 58880 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.