CVE-2018-13065 – ModSecurity 3.0.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-13065
ModSecurity 3.0.0 has XSS via an onerror attribute of an IMG element. NOTE: a third party has disputed this issue because it may only apply to environments without a Core Rule Set configured. ModSecurity version 3.0.0 suffers from a cross site scripting vulnerability.
• https://github.com/SpiderLabs/ModSecurity/issues/1829
• https://hackings8n.blogspot.com/2018/07/cve-2018-13065-modsecurity-300-has-xss.html
• https://www.exploit-db.com/exploits/44970
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2017-18001 – Trustwave SWG 11.8.0.27 - SSH Unauthorized Access
https://notcve.org/view.php?id=CVE-2017-18001
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
• https://www.exploit-db.com/exploits/44047
• http://seclists.org/fulldisclosure/2017/Dec/88
• https://blogs.securiteam.com/index.php/archives/3550
• https://www.trustwave.com/Resources/Trustwave-Software-Updates/Important-Security-Update-for-Trustwave-Secure-Web-Gateway
• CWE-306: Missing Authentication for Critical Function
CVE-2013-5705
https://notcve.org/view.php?id=CVE-2013-5705
apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.
• http://martin.swende.se/blog/HTTPChunked.html
• http://www.debian.org/security/2014/dsa-2991
• https://github.com/SpiderLabs/ModSecurity/commit/f8d441cd25172fdfe5b613442fedfc0da3cc333d
CVE-2013-2765 – ModSecurity - Remote Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2013-2765
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
• https://www.exploit-db.com/exploits/25852
• http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
• http://sourceforge.net/mailarchive/message.php?msg_id=30900019
• http://www.modsecurity.org
• http://www.shookalabs.com
• https://bugzilla.redhat.com/show_bug.cgi?id=967615
• https://github
• CWE-476: NULL Pointer Dereference
CVE-2013-1915
https://notcve.org/view.php?id=CVE-2013-1915
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.
• http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102616.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
• http://secunia.com/advisories/52847
• http://secunia.com/advisories/529
• CWE-611: Improper Restriction of XML External Entity Reference