-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
New Release of GotRoot Web Signatures
Diff of /etc/modsecurity/apache2-rules.conf
Diff of /etc/modsecurity/blacklist.conf
Diff of /etc/modsecurity/proxy.conf
Diff of /etc/modsecurity/rules.conf
Diff of /etc/modsecurity/blacklist2.conf
Diff of /etc/modsecurity/exclude.conf
Diff of /etc/modsecurity/rootkits.conf
Diff of /etc/modsecurity/useragents.conf
Diff of /etc/modsecurity/exclude.conf
Diff of /etc/modsecurity/badips.conf
Diff of /etc/modsecurity/recons.conf
Diff of /etc/modsecurity/jitp.conf
4410,4452d4409
<
< #Eazy Cart Multiple Vulnerabilities
< SecFilterSelective REQUEST_URI
"easycart.php"
"chain,id:390154,rev:1,severity:2,msg:'JITP: Eazy Cart
SQL injection'"
< SecFilterSelective ARG_price
"((select|grant|delete|insert|drop|alter|replace|trunca
te|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|*
|
|,]+[[:space:]]+(from|into|table|database|index|view)[[:spa
ce:]]+[A-Z|a-z|0-9|*| |,]|'|UNION.*SELECT.*FROM)"
< SecFilterSelective REQUEST_URI
"admin/config/customer.dat"
"id:390155,rev:1,severity:2,msg:'JITP: Eazy Cart
Customer Data Access'"
< SecFilterSelective REQUEST_URI
"easycart.php"
"chain,id:390156,rev:1,severity:2,msg:'JITP: Eazy Cart
XSS ATTACK'"
< SecFilterSelective ARGS
"<[[:space:]]*(script|about|applet|activex|chrome).*
(script|about|applet|activex|chrome)[[:space:]]*>"
<
< #WebYep "webyep_sIncludePath" File Inclusion
Vulnerabilities
< SecFilterSelective REQUEST_URI
"webyep-system/program/((lib|elements)/|webyep.php)&qu
ot; "chain,id:390157,rev:1,severity:2,msg:'JITP: WebYep
webyep_sIncludePath File Inclusion Vulnerabilities'"
< SecFilterSelective ARG_webyep_sIncludePath
"((ht|f)tps?:/|../..)"
<
< #Travelsized CMS "setup_folder" File
Inclusion Vulnerability
< SecFilterSelective REQUEST_URI
"frontpage.php"
"chain,id:390158,rev:1,severity:2,msg:'JITP:
Travelsized CMS setup_folder File Inclusion
Vulnerabilities'"
< SecFilterSelective ARG_setup_folder
"((ht|f)tps?:/|../..)"
<
< #VideoDB "config[pdf_module]" File Inclusion
Vulnerability
< SecFilterSelective REQUEST_URI
"core/pdf.php"
"chain,id:390159,rev:1,severity:2,msg:'JITP: VideoDB
File Inclusion Vulnerabilities'"
< SecFilterSelective REQUEST_URI
"config[pdf_module].*((ht|f)tps?:/|../..)"
<
< #AllMyGuests "_AMGconfig[cfg_serverpath]"
File Inclusion
< SecFilterSelective REQUEST_URI "signin.php"
"chain,id:390160,rev:1,severity:2,msg:'JITP:
AllMyGuests File Inclusion Vulnerabilities'"
< SecFilterSelective REQUEST_URI
"_AMGconfig[cfg_serverpath].*((ht|f)tps?:/|../..)
"
<
< #OpenBiblio Local File Inclusion and SQL Injection
< SecFilterSelective REQUEST_URI
"shared/(header|help).php"
"chain,id:390161,rev:1,severity:2,msg:'JITP: OpenBiblio
File Inclusion Vulnerabilities'"
< SecFilterSelective ARGS
"(((ht|f)tps?:/|../..)|((select|grant|delete|insert
|drop|alter|replace|truncate|update|create|rename|describe)[
[:space:]]+[A-Z|a-z|0-9|*|
|,]+[[:space:]]+(from|into|table|database|index|view)[[:spa
ce:]]+[A-Z|a-z|0-9|*| |,]|'|UNION.*SELECT.*FROM))"
<
< #BasiliX "BSX_LIBDIR" File Inclusion
Vulnerabilities
< SecFilterSelective REQUEST_URI ".php"
"chain,id:390162,rev:1,severity:2,msg:'JITP: BasiliX
BSX_LIBDIR File Inclusion Vulnerabilities'"
< SecFilterSelective ARG_BSX_LIBDIR
"((ht|f)tps?:/|../..)"
<
< #PowerPortal "file_name[]" File Inclusion
Vulnerability
< SecFilterSelective REQUEST_URI "index.php"
"chain,id:390163,rev:1,severity:2,msg:'JITP:
Powerportal File Inclusion Vulnerabilities'"
< SecFilterSelective REQUEST_URI
"file_name[].*((ht|f)tps?:/|../..)"
<
< #DeluxeBB "templatefolder" File Inclusion
Vulnerability
< SecFilterSelective REQUEST_URI
"/templates/.*/.*/.*.php"
"chain,id:390164,rev:1,severity:2,msg:'JITP: DeluxeBB
teplatefolder File Inclusion Vulnerabilities'"
< SecFilterSelective ARG_templatefolder
"((ht|f)tps?:/|../..)"
<
< #TagIt! Tagboard "page" File Inclusion
Vulnerability
< SecFilterSelective REQUEST_URI "/index.php"
"chain,id:390165,rev:1,severity:2,msg:'JITP: Tagit page
File Inclusion Vulnerabilities'"
< SecFilterSelective ARG_page "(ht|f)tps?:/"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQIVAwUBRSwh6bVvl2Kn6BhaAQKUmRAAgZ0M75l7VZgI4buCm1r0EVJozuzF
TsO3
kb/PeSfNihZz3aMsPmzqk1a9Ur34V1p6lQooRgmoXlT//wflnVfAmRRy2qob
po4w
ZpTtS2GNk6mdW5NdcgcWbu0H/NA6wC+M0cl1Xyiu7d2lMm/QFAqIEagp66wJ
X8fp
n++du8IAE+ALyh5fKymzgaoCTQyego+soJVItq/R6n5XrPqcKcebVUwAV4DD
B3JF
OdWBBfeE1/Lw5qbV5P9qK8MLa20NBJBTXK6aY+m+feiaMJTQspt8Jm3nu3ZB
2Jey
O/xtziQTai1O9SbfT9MM1etOd8xHVVXqD+pwAdLwf91aEPLJ7J4CxdpBR0aU
tzoF
brLcNwlDcNosnO4+X32WdYXHHm+1ehJPhnFQz7zc0C+fW/jMxEjAq4/5/NMx
ZHzD
WzBvKTTUvv0gLZzcuKEOPwVX1O0JQF5/YBMno7wPWaY4vTss0xY+O5OFR2dq
5xgw
uNn3EAQKyeeFOms0h1oDijTa9EdOMnYoY0Jl5FpnHvr4sFYpS180FeP9WaU+
OByS
gw+I9CAiFxgFzzkE8V8Wcu9LVbq7wqjaN4o/OSWU3Te3OE/P1kDaTrD6rUnJ
CYSZ
xztxNQhbOI8HDN6909BZnPbcf6FOla03n5TAnjZcccvhH2TU91t9fGlRjoNs
HtP2
Xd4dJCAf6FA=
=d5mZ
-----END PGP SIGNATURE-----
_______________________________________________
Modsecurity mailing list
Modsecurity gotroot.com
http://lists.gotroot.com/mailman/listinfo/modsecurity
|