CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-07-15 15:55

Updated : 2024-02-28 12:00


NVD link : CVE-2013-2765

Mitre link : CVE-2013-2765

CVE.ORG link : CVE-2013-2765


JSON object : View

Products Affected

trustwave

  • modsecurity

opensuse

  • opensuse

apache

  • http_server
CWE
CWE-476

NULL Pointer Dereference