#VU72086 Buffer overflow in ModSecurity - CVE-2023-24021

Published: February 9, 2023


Vulnerability identifier: #VU72086
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2023-24021
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: ModSecurity
Software vendor: Trustwave

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when executing rules that read the FILES_TMP_CONTENT collection. A remote attacker can upload a specially crafted file to the system, trigger memory corruption and execute arbitrary code on the target system, or bypass the implemented WAF protection rules.


Remediation

Install updates from the vendor's website.

External links