Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2013:187)
Medium Nessus Plugin ID 67132
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated apache-mod_security packages fix security vulnerability :
When ModSecurity receives a request body with a size bigger than the value set by the SecRequestBodyInMemoryLimit and with a Content-Type that has no request body processor mapped to it, ModSecurity will systematically crash on every call to forceRequestBodyVariable (in phase 1) (CVE-2013-2765).
SolutionUpdate the affected apache-mod_security and / or mlogc packages.