ID CVE-2004-1765
Summary Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
References
Vulnerable Configurations
  • cpe:2.3:a:mod_security:mod_security:1.7.4
CVSS
Base: 7.5 (as of 30-05-2005 - 21:35)
Impact:
Exploitability:
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_MODSECURITY_175.NASL
    description The following package needs to be updated: mod_security
    last seen 2016-09-26
    modified 2011-10-03
    plugin id 12578
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12578
    title FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (113)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL
    description When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 37595
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37595
    title FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)
refmap via4
bid 9885
bugtraq 20040316 ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow
cert-vn VU#779438
confirm http://www.modsecurity.org/
misc http://www.s-quadra.com/advisories/Adv-20040315.txt
secunia 11138
xf mod-security-offbyone-bo(15489)
Last major update 17-10-2016 - 23:00
Published 31-12-2004 - 00:00
Last modified 10-07-2017 - 21:31