Full title: ModSecurity 3.0.x Denial Of Service Vulnerability 
Category: dos / poc
Platform: php
ModSecurity version 3.0.x suffers from a denial of service vulnerability due to the handling of regular expression matching. ModSecurity version 3.0.x is affected by a denial of service vulnerability due to the global matching of regular expressions. The combination of a non-anchored regular expression and the ModSecurity capture action can be exploited via a specially crafted payload.

# 0day.today @ http://0day.today/