IBM Support

IBM PureApplication System - ModSecurity chunked header security bypass

Flashes (Alerts)


Abstract

ModSecurity (mod_security) might allow remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.

Content

VULNERABILITY DETAILS:

CVE ID: CVE-2013-5705

DESCRIPTION:

ModSecurity (mod_security) might allow a remote attacker to bypass security restrictions, caused by the improper handling of a specially-crafted chunked header. An attacker could exploit this vulnerability to bypass security filters and inject arbitrary content into the system.


apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.


CVSS:
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/92236 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.


AFFECTED PRODUCTS AND VERSIONS:
  • IBM PureApplication System 1.1 and later


    • REMEDIATION:
    Upgrade to IBM PureApplication System Version 1.1.0.4 cFix3
    Contact IBM Support if you have problems upgrading to this version of IBM PureApplication System.


    WORKAROUND(S) and MITIGATION(S):
    Exposure in the IBM PureApplication System is reduced by other product security measures, but the internal version of mod_security is being replaced to remove possibilities of exposures.

    REFERENCES:
    Complete CVSS Guide (http://www.first.org/cvss/v2/guide)
    On-line Calculator V2 (http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2)

    RELATED INFORMATION:
    IBM Secure Engineering Web Portal
    IBM Product Security Incident Response Blog


    ACKNOWLEDGEMENT:
    None

    CHANGE HISTORY:
    12 September 2014 - Original Copy Published


    Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

    [{"Product":{"code":"SSM8NY","label":"PureApplication System"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"Security","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF002","label":"AIX"},{"code":"PF033","label":"Windows"}],"Version":"1.1.0.4;1.1.0.3;1.1.0.2;1.1.0.1;1.1.0.0","Edition":"","Line of Business":{"code":"","label":""}}]

    Document Information

    Modified date:
    25 September 2022

    UID

    swg21683965

    Page Feedback