Oracle Solaris Third-Party Patch Update : apache (cve_2013_2765_denial_of)
Medium Nessus Plugin ID 80587
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header. (CVE-2013-2765)
SolutionUpgrade to Solaris 11.2.