Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ModSecurity < 2.7.0 Multipart Request Parsing Filter Bypass



The remote web application firewall may be affected by a denial of service vulnerability


According to its banner, the version of ModSecurity installed on the remote host is earlier than 2.7.0. It is, therefore, potentially affected by a security bypass vulnerability. An error exists related to HTTP POST requests and 'Content-Disposition' headers containing extra lines that could allow a remote attacker to bypass certain filters and carry out attacks.


Upgrade to ModSecurity version 2.7.0 or later.