In association with heise online

13 March 2009, 10:11

Apache ModSecurity firewall can be disabled

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The ModSecurity web application firewall for the Apache web server can be disabled by doctored HTTP queries. The new version (2.5.9), which is now available to download, has eliminated a problem that can crash the firewall while it's processing multi-part HTTP packets. If ModSecurity crashes, the Apache server process will also crash and may cease to respond to HTTP queries for some time.

ModSecurity version 2.5.8 had been issued just a few hours previously in order to fix a potential DoS vulnerability when PDF documents were requested. However, the problem only occurs if the PDF XSS module is enabled (by default it's disabled). Apache administrators who use ModSecurity are advised to update to version 2.5.9 as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit