SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Trustwave ModSecurity chunked transfer encoding policy bypass attempt
Rule checks for malformed Transfer-Encoding HTTP header.
apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application
Authentication Bypass
An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.
CVE-2013-5705 |
Loading description
|