Intrusion Prevention

Trustwave.Holdings.ModSecurity.Chunked.Policy.Bypass

Description

This indicates an attack attempt to exploit a Security Bypass vulnerability in Trustwave ModSecurity.
The vulnerability is due to improper validation of user supplied data when vulnerable module handles a malicious HTTP request. A remote attacker may be able to exploit this to bypass web application firewall and execute arbitrary code via a crafted HTTP request.

Affected Products

Trustwave: SpiderLabs ModSecurity prior to 2.7.6

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.7.6

CVE References

CVE-2013-5705