IBM PureApplication System - ModSecurity chunked header security bypass

ModSecurity (mod_security) might allow remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header. CVE(s): CVE-2013-5705 Affected product(s) and affected version(s):...



from IBM Product Security Incident Response Team http://ibm.co/1sNqrbg