ModSecurity Quote Parsing Security Bypass Vulnerability

http://www.securityfocus.com/bid/54156

Security Info

Bugtraq ID: 54156
Class: Input Validation Error
CVE: CVE-2009-5031, CVE-2012-2751
Remote: Yes
Local: No
Published: Jun 08 2012 12:00AM
Updated: Jul 02 2012 11:20PM
Credit: Qualys Vulnerability & Malware Research Labs (VMRL)
Vulnerable:
    Debian Linux 6.0 sparc
    Debian Linux 6.0 s/390
    Debian Linux 6.0 powerpc
    Debian Linux 6.0 mips
    Debian Linux 6.0 ia-64
    Debian Linux 6.0 ia-32
    Debian Linux 6.0 arm
    Debian Linux 6.0 amd64
Not Vulnerable:

Security Discussion

ModSecurity is prone to a security-bypass vulnerability because it fails to sufficiently sanitize user-supplied input.

Successful exploits can allow attackers to bypass filtering rules; this may aid in further attacks.

ModSecurity versions prior to 2.6.6 are vulnerable.

Proof of Concept and Security Exploits

An attacker can exploit this issue using standard tools.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security Reference(s)

References:

Site Updated May 26, 2013
©2000-2013 Emagined Security
All Rights Reserved
