[Owasp-modsecurity-core-rule-set] id "970903"] [msg "ASP/JSP source code leakage
James McIntyre
jim at mcintyresecurity.com
Fri Mar 19 14:09:16 EDT 2010
I am receiving the following messages in modsec_audit. Can anyone
point me in the direction of determining / deciphering what modsec is
identifying as a problem ?
Message: Match of "rx
(?:\\b(?:(?:i(?:nterplay|hdr|d3)|m(?:ovi|thd)|r(?:ar!|iff)|(?:ex|jf)if|f(?:lv|ws)|varg|cws)\\b|gif)|B(?:%pdf|\\.ra)\\b)"
against "RESPONSE_BODY" required. [file
"/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_50_outbound.conf"]
[line "38"] [id "970903"] [msg "ASP/JSP source code leakage"] [severi
ty "ERROR"] [tag "LEAKAGE/SOURCE_CODE"]
Message: Warning. Operator GE matched 5 at TX:anomaly_score. [file
"/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"]
[line "44"] [msg "Tr
ansactional Anomaly Score (score 15): ASP/JSP source code leakage"]
system: fedora 12
apache: 2.2.14-1
mod_security-2.5.10-2
Appreciate any assistance....jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20100319/203b8651/attachment.html
More information about the Owasp-modsecurity-core-rule-set
mailing list