CVE-2007-1359

Name of the Vulnerable Software and Affected Versions ModSecurity (mod security) versions 2.1.0 and earlier

Description The issue arises from an interpretation conflict in ModSecurity, where remote attackers can bypass request rules by sending application/x-www-form-urlencoded POST data containing an ASCIIZ (0x00) byte. This byte is treated as a terminator by ModSecurity, but it is still processed as normal data by some HTTP parsers, including PHP 5.2.0, and possibly parsers in Perl and Python.

Recommendations For ModSecurity (mod security) versions 2.1.0 and earlier, update to a version later than 2.1.0 to resolve the issue.