CVE-2008-5676

Published: 19 December 2008

Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."

Notes

Author	Note
jdstrand	2.5.0 through 2.5.5

Priority

Status

Package	Release	Status
libapache-mod-security Launchpad, Ubuntu, Debian	dapper	Not vulnerable (1.8.7-1ubuntu1)
	hardy	Does not exist
	intrepid	Does not exist
	jaunty	Not vulnerable (2.5.6-1)
	karmic	Not vulnerable (2.5.9-1)
	upstream	Released (2.5.6-1)

References

https://www.cve.org/CVERecord?id=CVE-2008-5676
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›