CVE-2008-5676

Publication date 19 December 2008

Last updated 24 July 2024

Ubuntu priority

Description

Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libapache-mod-security	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

2.5.0 through 2.5.5

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2008-5676