[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] [Notification] CVE-2013-2765 mod_security: NULL pointer dereference (DoS, crash) when
From:       Jan Lieskovsky <jlieskov () redhat ! com>
Date:       2013-05-28 10:14:32
Message-ID: 1338782267.8755963.1369736072304.JavaMail.root () redhat ! com
[Download RAW message or body]

Hello Steve, vendors,

  as brought to me by Athmane, ModSecurity upstream has release v2.7.4 version:
  [1] http://sourceforge.net/mailarchive/message.php?msg_id=30900019

correcting one security NULL pointer dereference flaw (CVE-2013-2765) - from [2]:

* Fixed Remote Null Pointer DeReference (CVE-2013-2765). When forceRequestBodyVariable
  action is triggered and a unknown Content-Type is used, mod_security will crash
  trying to manipulate msr->msc_reqbody_chunks->elts however msr->msc_reqbody_chunks
  is NULL. (Thanks Younes JAAIDI).

References:
  [2] https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES
  [3] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2765

Relevant upstream patch (seems to be the following):
[4] https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

P.S.: Thanks goes to Athmane for bringing this to our attention.
[prev in list] [next in list] [prev in thread] [next in thread]