The OVAL Repository5.42012-11-30T06:09:31.357-05:00ModSecurity bypass vulnerability (CVE-2012-2751)ModsecurityModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031Gaurav KumarDRAFTINTERIMACCEPTEDACCEPTEDlibapache-mod-security package is installedlibapache-mod-security package is installedGaurav KumarDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 12.04 is installedUbuntu 12.04Ubuntu 12.04 is installedGaurav KumarDRAFTINTERIMACCEPTEDACCEPTEDmodsecurity-apache package is installedUbuntu 12.04modsecurity-apache package is installedGaurav KumarDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 11.10 is installedUbuntu 11.10Ubuntu 11.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 11.04 is installedUbuntu 11.04Ubuntu 11.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTEDUbuntu 10.04 is installedUbuntu 10.04Ubuntu 10.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDACCEPTED/etclsb-release^.*Ubuntu.*\nDISTRIB_RELEASE=(\d{1,2}\.\d{1,2})$1libapache-mod-securitymodsecurity-apache12.0411.1011.0410.040:2.5.12-1+squeeze1build0.11.10.10:2.5.12-1+squeeze1build0.11.10.12.6.3-1ubuntu0.22.5.11-12.6.0-1