Your submission was sent successfully! Close

CVE-2013-5705

Published: 15 April 2014

apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.

Priority

Medium

Status

Package Release Status
libapache-mod-security
Launchpad, Ubuntu, Debian
artful Does not exist

lucid Ignored
(reached end-of-life)
precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (2.7.6)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

modsecurity-apache
Launchpad, Ubuntu, Debian
artful Not vulnerable
(2.7.7-2)
lucid Does not exist

precise Does not exist
(precise was needed)
quantal Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Not vulnerable
(2.7.7-2)
upstream
Released (2.7.7-1, 2.7.6)
utopic Not vulnerable
(2.7.7-2)
vivid Does not exist

wily Not vulnerable
(2.7.7-2)
xenial Not vulnerable
(2.7.7-2)
yakkety Not vulnerable
(2.7.7-2)
zesty Not vulnerable
(2.7.7-2)