FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

www/mod_security -- NULL pointer dereference DoS

Affected packages
mod_security < 2.7.3


VuXML ID 9dfb63b8-8f36-11e2-b34d-000c2957946c
Discovery 2013-05-27
Entry 2013-06-03

SecurityFocus reports:

When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable".


CVE Name CVE-2013-2765