CVE-2023-24021

NameCVE-2023-24021
DescriptionIncorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer overflows on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3283-1
Debian Bugs1029329

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
modsecurity-apache (PTS)buster2.9.3-1+deb10u1vulnerable
buster (security)2.9.3-1+deb10u2fixed
bullseye (security), bullseye2.9.3-3+deb11u1vulnerable
bookworm, sid2.9.7-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
modsecurity-apachesourcebuster2.9.3-1+deb10u2DLA-3283-1
modsecurity-apachesource(unstable)2.9.7-11029329

Notes

[bullseye] - modsecurity-apache <no-dsa> (Minor issue)
https://github.com/SpiderLabs/ModSecurity/pull/2857
https://github.com/SpiderLabs/ModSecurity/commit/4324f0ac59f8225aa44bc5034df60dbeccd1d334 (v2.9.7)

Search for package or bug name: Reporting problems