Download
| Alert*
oval:org.secpod.oval:def:104826
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. oval:org.secpod.oval:def:104830 ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. oval:org.secpod.oval:def:1300192 A vulnerability has been found and corrected in apache-mod_security: ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, aka an ... oval:org.secpod.oval:def:601004 Timur Yunusov and Alexey Osipov from Positive Technologies discovered that the XML files parser of ModSecurity, an Apache module whose purpose is to tighten the Web application security, is vulnerable to XML external entities attacks. A specially-crafted XML file provided by a remote attacker, could ... |