exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files

modsecurity-apache_2.0.3.tar.gz
Posted Nov 1, 2006
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Version 2.0 is a major rewrite and includes XML support, event correlation, transaction scoring, anomaly detection, data persistence, wealth of anti-evasion functions, regex back-references, support for sessions, and much more.
tags | java, web
SHA-256 | dcf0c70ab6fc0326e03666acb006f92b59434787881f7c220e30e7519dbb417f

Related Files

ModSecurity 3.0.x Denial Of Service
Posted Sep 15, 2020
Authored by Christian Folini

ModSecurity version 3.0.x suffers from a denial of service vulnerability due to the handling of regular expression matching. ModSecurity version 3.0.x is affected by a denial of service vulnerability due to the global matching of regular expressions. The combination of a non-anchored regular expression and the ModSecurity capture action can be exploited via a specially crafted payload.

tags | advisory, denial of service
advisories | CVE-2020-15598
SHA-256 | df79f2392e827d107f0ec05ae4fe67b4b9956f6a18d720baf532bbded9256ab4
ModSecurity 3.0.0 Cross Site Scripting
Posted Jul 3, 2018
Authored by Adipta Basu

ModSecurity version 3.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-13065
SHA-256 | 5c42cd2d793a05ab44aaba29ab13519105daabe2202dc94fc276d8fe97986ae4
Apache ModSecurity Chunked Request Bypass
Posted Mar 31, 2014
Authored by Martin Holst Swende

Apache ModSecurity versions prior to 2.7.6 appears to suffer from a filter evasion vulnerability via chunked requests.

tags | advisory, bypass
SHA-256 | b4577633493ef0b6de597cd73adb4abb6e8f136bc25547ae839a067e7209bd00
Modsecurity Cross Site Scripting Bypass
Posted Aug 31, 2013
Authored by Rafay Baloch

Modsecurity suffers from a cross site scripting bypass vulnerability.

tags | exploit, xss, bypass
SHA-256 | a733a0dbcebbe9fedb06363ea004ad94e998d20f23675d7a928b41d20331a6aa
Mod_Security Cross Site Scripting Bypass
Posted Jun 19, 2013
Authored by Rafay Baloch

Mod_security suffered from a cross site scripting filter bypass vulnerability.

tags | exploit, xss, bypass
SHA-256 | f2125bb4ab7692426d1789ea62aa804f599421f07fed6bc8474c3e45d715a2d3
ModSecurity Remote Null Pointer Dereference
Posted May 29, 2013
Authored by Younes JAAIDI

When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable" (in phase 1). This is the proof of concept exploit. Versions prior to 2.7.4 are affected.

tags | exploit, proof of concept
advisories | CVE-2013-2765
SHA-256 | b4e14816e4c5cdc0de651f2cc750a97fa531e3a0c488cb71922a3bc534259845
HPP Protection Patch For ModSecurity 2.5.9
Posted Jul 6, 2009
Authored by Andi | Site void.at

HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.

tags | web, patch
systems | unix
SHA-256 | 694e79fd6246d584e4df0972c66d14e7afca6ec28b6e3eee0d217b41d58f5786
ModSecurity 2.5.9 Filter Bypass
Posted Jun 11, 2009
Authored by Lavakumar Kuppan

ModSecurity versions 2.5.9 and below using ModSecurity Core Rules versions 2.5-1.6.1 and below suffer from a HPP filter bypass vulnerability.

tags | exploit, bypass
SHA-256 | 2f61c414417e494073857e6cf0e2a2326c2b1a0f0799ba9d2d5afabe77938145
ModSecurity Denial Of Service
Posted Mar 20, 2009
Authored by Juan Galiana Lara

ModSecurity versions prior to 2.5.9 are vulnerable to a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 8773bf44208c8558e5fc2d15ae1be757d30697c1928ff4fefbf8e5dcf130a0f1
modsecurity-apache_2.1.0.tar.gz
Posted Mar 4, 2007
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Improved performance and reduced memory consumption (200% improvement). Includes the generic Web application security rules from the Core Rules project. The manual has been extensively improved.
tags | java, web
SHA-256 | fd37d64f7ffe193101da20f6e6e2016105de62948f3976aceaa96f636606fe74
modsecurity-apache_2.0.4.tar.gz
Posted Nov 30, 2006
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Fixed some bugs.
tags | java, web
SHA-256 | 622c3478515c951189334aa9a60ae7e71dfbbc671d983bf2f4b732a5fdd230a1
modsecurity-apache-1.9.1.tar.gz
Posted Dec 1, 2005
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Some small security improvements, and improvements, also some enhancements.
tags | java, web
SHA-256 | b8ef27d4bdfa652884217592c1c17d31a78a1b97978a9d9e2b7dcdf6e969cd6b
modsecurity-1.8.7.tar.gz
Posted Mar 25, 2005
Site modsecurity.org

Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.

Changes: Minor security fixes, bug fixes and enhancements. Improved cookie parsers. Fixed evasion tactics.
tags | java, web
SHA-256 | 7314a0c6ebe50d8c71e44fcc520969a60d1d01a3c1a2e0a1d08b2b166eabf8ce
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close