CVE-2013-2765 - Vulnerability Details - OpenCVE

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Http Server
Opensuse	Opensuse
Trustwave	Modsecurity

Configuration 1 [-]

AND

cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
	cpe:2.3:o:opensuse:opensuse:12.3:::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
http://sourceforge.net/mailarchive/message.php?msg_id=30900019
http://www.modsecurity.org/
http://www.shookalabs.com/
https://bugzilla.redhat.com/show_bug.cgi?id=967615
https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba
https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py
https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-07-15T15:00:00

Updated: 2024-08-06T15:44:33.662Z

Reserved: 2013-04-07T00:00:00

Link: CVE-2013-2765

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-07-15T15:55:01.267

Modified: 2024-11-21T01:52:19.793

Link: CVE-2013-2765

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-05-10T00:00:00", "descriptions": [{"lang": "en", "value": "The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-09-12T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[mod-security-users] 20130527 Availability of ModSecurity 2.7.4 Stable Release", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=30900019"}, {"name": "openSUSE-SU-2013:1342", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967615"}, {"name": "openSUSE-SU-2013:1331", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"}, {"name": "20130528 [SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES"}, {"tags": ["x_refsource_MISC"], "url": "http://www.shookalabs.com/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.modsecurity.org/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba"}, {"name": "openSUSE-SU-2013:1336", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2765", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[mod-security-users] 20130527 Availability of ModSecurity 2.7.4 Stable Release", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/message.php?msg_id=30900019"}, {"name": "openSUSE-SU-2013:1342", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=967615", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967615"}, {"name": "openSUSE-SU-2013:1331", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"}, {"name": "20130528 [SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html"}, {"name": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES", "refsource": "CONFIRM", "url": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES"}, {"name": "http://www.shookalabs.com/", "refsource": "MISC", "url": "http://www.shookalabs.com/"}, {"name": "http://www.modsecurity.org/", "refsource": "CONFIRM", "url": "http://www.modsecurity.org/"}, {"name": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py", "refsource": "MISC", "url": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py"}, {"name": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba", "refsource": "MISC", "url": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba"}, {"name": "openSUSE-SU-2013:1336", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:44:33.662Z"}, "title": "CVE Program Container", "references": [{"name": "[mod-security-users] 20130527 Availability of ModSecurity 2.7.4 Stable Release", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=30900019"}, {"name": "openSUSE-SU-2013:1342", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967615"}, {"name": "openSUSE-SU-2013:1331", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"}, {"name": "20130528 [SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.shookalabs.com/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.modsecurity.org/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba"}, {"name": "openSUSE-SU-2013:1336", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-2765", "datePublished": "2013-07-15T15:00:00", "dateReserved": "2013-04-07T00:00:00", "dateUpdated": "2024-08-06T15:44:33.662Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*", "matchCriteriaId": "506EFFAC-FA4D-438F-941D-35548C270D4C", "versionEndExcluding": "2.7.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A6CD1F4-4C0E-4989-A2B3-DC086E8E80A3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header."}, {"lang": "es", "value": "El m\u00f3dulo ModSecurity anterior a 2.7.4 para Apache HTTP Server, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (deferencia a puntero NULO, ca\u00edda de proceso y consumo de disco) a trav\u00e9s de una petici\u00f3n POST con un cuerpo (body) de gran tama\u00f1o y una cabecera Content-Type manipulada."}], "id": "CVE-2013-2765", "lastModified": "2024-11-21T01:52:19.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-07-15T15:55:01.267", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=30900019"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.modsecurity.org/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.shookalabs.com/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967615"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=30900019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.modsecurity.org/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.shookalabs.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=967615"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}