Candidate: CVE-2013-2765
PublicDate: 2013-07-15 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2765
 https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES
Description:
 The ModSecurity module before 2.7.4 for the Apache HTTP Server allows
 remote attackers to cause a denial of service (NULL pointer dereference,
 process crash, and disk consumption) via a POST request with a large body
 and a crafted Content-Type header.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710217
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_modsecurity-apache:
 upstream: https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba
upstream_modsecurity-apache: released (2.7.4)
lucid_modsecurity-apache: DNE
precise_modsecurity-apache: ignored (reached end-of-life)
precise/esm_modsecurity-apache: DNE (precise was needed)
trusty_modsecurity-apache: not-affected (2.7.7-2)
trusty/esm_modsecurity-apache: not-affected (2.7.7-2)
vivid/stable-phone-overlay_modsecurity-apache: DNE
vivid/ubuntu-core_modsecurity-apache: DNE
wily_modsecurity-apache: not-affected
xenial_modsecurity-apache: not-affected
yakkety_modsecurity-apache: not-affected
zesty_modsecurity-apache: not-affected
devel_modsecurity-apache: not-affected