Trustwave · Modsecurity · CVE-2020-15598
**Name of the Vulnerable Software and Affected Versions**
Trustwave ModSecurity versions 3.x through 3.0.4
**Description**
The issue is related to the handling of regular expressions in Trustwave ModSecurity, which can result in a Denial of Service condition. An attacker would need to know that a rule using a potentially problematic regular expression was in place and the basic nature of the regular expression itself to exploit any resource issues. It is well known that regular expression usage can be taxing on system resources regardless of the use case. The vendor does not consider this as a security issue, as there is no default configuration issue and it is up to the administrator to decide on when it is appropriate to trade resources for potential security benefit.
**Recommendations**
For Trustwave ModSecurity versions 3.x through 3.0.4, consider restricting the use of regular expressions in rules to minimize the risk of exploitation. As a temporary workaround, disable rules that use potentially problematic regular expressions until a patch is available. Administrators should review their configuration and decide on the appropriate trade-off between resources and potential security benefits. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
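As an added illustration of the "review your configuration" recommendation (example code written for this page, not code from the advisory or from the ModSecurity project), the following Python script scans single-line `SecRule` entries that use the `@rx` operator and flags patterns whose shape is known to backtrack badly. The sample rule set and the two heuristics are constructed assumptions; a real review would still need a human to judge each flagged rule.

```python
import re

# Constructed sample ModSecurity rule set (not from the advisory). Rules 1003
# and 1004 carry nested quantifiers, the classic catastrophic-backtracking shape.
SAMPLE_RULES = r'''
SecRule ARGS "@rx ^[a-z]{1,64}$" "id:1001,phase:2,deny"
SecRule REQUEST_URI "@pm admin login" "id:1002,phase:1,pass"
SecRule ARGS:q "@rx ^(a+)+$" "id:1003,phase:2,deny"
SecRule REQUEST_HEADERS:User-Agent "@rx (\w+\s?)*badbot" "id:1004,phase:1,deny"
'''

# One single-line SecRule using the @rx operator: variables, pattern, actions.
# Assumes no escaped quotes inside the pattern and no backslash line continuations.
RULE_RE = re.compile(r'^\s*SecRule\s+(\S+)\s+"@rx\s+(.*?)"\s+"(.*?)"\s*$', re.M)
ID_RE = re.compile(r'\bid:(\d+)')

# Heuristic checks (assumed, not exhaustive): each maps a name to a regex run
# over the rule's pattern text.
CHECKS = {
    # a group containing +, * or {n,} that is itself repeated, e.g. (a+)+ or (\w+\s?)*
    "nested quantifier": re.compile(r'\([^()]*(?:[+*]|\{\d*,\})[^()]*\)(?:[+*]|\{\d*,\})'),
    # an unbounded wildcard followed later by another one, e.g. .*foo.*
    "adjacent unbounded wildcards": re.compile(r'\.[*+].*?\.[*+]'),
}

def audit_rules(rule_text):
    """Return (rule_id, variables, pattern, check_name) for every @rx rule
    whose pattern trips one of the heuristics above."""
    findings = []
    for m in RULE_RE.finditer(rule_text):
        variables, pattern, actions = m.groups()
        id_match = ID_RE.search(actions)
        rule_id = id_match.group(1) if id_match else "unknown"
        for name, check in CHECKS.items():
            if check.search(pattern):
                findings.append((rule_id, variables, pattern, name))
    return findings

if __name__ == "__main__":
    for rule_id, variables, pattern, name in audit_rules(SAMPLE_RULES):
        print(f"rule {rule_id} on {variables}: {name}: {pattern}")
```

Flagged rules are candidates for the temporary disabling or rewriting the advisory suggests, for example by bounding repeats (`{1,64}`) instead of using open-ended nested groups.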