CVE-2008-5676 Information

Description

Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server when SecCacheTransformations is enabled allow remote attackers to cause a denial of service (daemon crash) or bypass the product’s functionality via unknown vectors related to \transformation caching.\

Reference

http://blog.modsecurity.org/2008/08/transformation.html http://freshmeat.net/projects/modsecurity/?branch_id=34901&release_id=282329 http://secunia.com/advisories/32146 http://www.vupen.com/english/advisories/2008/2795 https://exchange.xforce.ibmcloud.com/vulnerabilities/45770