Bug#662947: libapache-mod-security: Rule execution error - PCRE limits exceeded (-8): (null)

2012-03-07 Thread Teodor
Package: libapache-mod-security
Version: 2.5.12-1
Severity: normal

Hi,

I'm getting this message on multiple web pages:
| Message: Rule execution error - PCRE limits exceeded (-8): (null).
| Message: Access denied with code 403 (phase 2). Match of streq 0
|   against TX:MSC_PCRE_LIMITS_EXCEEDED required. [file
|   /etc/modsecurity/00debian7.conf] [line 93] [msg ModSecurity
|   internal error flagged: TX:MSC_PCRE_LIMITS_EXCEEDED]
| Action: Intercepted (phase 2)
| Stopwatch: 1331122914310502 8477 (1514 8124 -)
| Producer: ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/); core ruleset/2.2.3.
| Server: Apache/2.2.16 (Debian)

The file 00debian7.conf is in fact 'modsecurity.conf-recommended' from
Debian package version 2.6.3-1 with small changes to make it start with
libapache-mod-security from Debian 6.0.
# s%REQBODY_ERROR%REQBODY_PROCESSOR_ERROR%
# s%^\(SecRequestBodyLimitAction\)%#\1%

These are caused by legitimate web access requests.
Removing/disabling SecPcreMatchLimit parameters doesn't change anything.
Increasing to 1000 doesn't help either. Thus, this appears to be
an internal error of ModSecurity.

Thanks

-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache-mod-security depends on:
ii  apache2.2-common    2.2.16-6+squeeze6     Apache HTTP Server common files
ii  libc6               2.11.3-3              Embedded GNU C Library: Shared lib
ii  liblua5.1-0         5.1.4-5               Simple, extensible, embeddable pro
ii  libpcre3            8.02-1.1              Perl 5 Compatible Regular Expressi
ii  libxml2             2.7.8.dfsg-2+squeeze3 GNOME XML library
ii  mod-security-commo  2.5.12-1              Tighten web applications security

libapache-mod-security recommends no packages.

libapache-mod-security suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
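
An added example, not part of the original report or of ModSecurity: a small triage script for audit-log entries like the one quoted above, separating blocks caused by the `TX:MSC_PCRE_LIMITS_EXCEEDED` flag from ordinary rule matches. The sample entry is constructed from the quoted messages (joined onto single lines), and the function and field names are hypothetical.

```python
import re

# PCRE 8.x return codes that ModSecurity reports as "PCRE limits exceeded".
PCRE_CODES = {-8: "PCRE_ERROR_MATCHLIMIT", -21: "PCRE_ERROR_RECURSIONLIMIT"}

PCRE_ERR = re.compile(r"Rule execution error - PCRE limits exceeded \((-?\d+)\)")
# Rule metadata such as [file "..."] [line "93"]; quotes are optional so the
# unquoted form seen in the report is accepted as well.
META = re.compile(r'\[(\w+) "?([^\]"]*)"?\]')

# Constructed sample: the "Message:" lines of one audit-log entry.
SAMPLE = (
    "Message: Rule execution error - PCRE limits exceeded (-8): (null).\n"
    "Message: Access denied with code 403 (phase 2). Match of \"streq 0\" against "
    "\"TX:MSC_PCRE_LIMITS_EXCEEDED\" required. [file \"/etc/modsecurity/00debian7.conf\"] "
    "[line \"93\"] [msg \"ModSecurity internal error flagged: TX:MSC_PCRE_LIMITS_EXCEEDED\"]\n"
    "Action: Intercepted (phase 2)\n"
)

def triage(entry: str) -> dict:
    """Report whether an entry was blocked by the PCRE-limit flag, and by which rule."""
    codes, denied = [], None
    for line in entry.splitlines():
        if not line.startswith("Message:"):
            continue
        m = PCRE_ERR.search(line)
        if m:
            codes.append(int(m.group(1)))
        elif "Access denied" in line:
            denied = dict(META.findall(line))
    flagged = bool(denied) and "MSC_PCRE_LIMITS_EXCEEDED" in denied.get("msg", "")
    rule = None
    if denied and "file" in denied and "line" in denied:
        rule = (denied["file"], int(denied["line"]))
    return {
        "pcre_codes": codes,
        "cause": [PCRE_CODES.get(c, "unknown") for c in codes],
        "blocked_by_internal_flag": flagged,
        "rule": rule,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```
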



Bug#662947: libapache-mod-security: Rule execution error - PCRE limits exceeded (-8): (null)

2012-03-07 Thread Teodor MICU
2012/3/7 Teodor mteo...@gmail.com:
> [..]
> I'm getting this message on multiple web pages:
> | Message: Rule execution error - PCRE limits exceeded (-8): (null).
> [..]
> Thus, this appears to be an internal error of ModSecurity.

For the record, this problem does not appear with CRS v2.0.10 but only
with v2.2.3. So it is more likely that modsecurity v2.5.12-1 doesn't
work properly with CRS v2.2.3.
It would be nice to have modsecurity in squeeze-backports. :-)

Thanks