|
From: Christian F. <chr...@ne...> - 2021-03-04 08:22:53
|
Hey Blason, I have not seen anything yes, yet there is a bit of discussion in https://github.com/coreruleset/coreruleset/issues/2025 Looking over different blog posts, I see more and more indicators / exploit information being shared, so we might be able to arrange something. I'm a bit reluctant to attempt a partial solution since it will give people a false sense of security (and prevent them from patching). And given it's a very complex set of exploits, it's hard to conclude that we know enough to really prevent this. If ModSecurity can detect it at all. Also: It would be neat, if Exchange would continue to work in standard use cases with any rules active. And that probably takes a fair bit of Exchange knowhow. Best, Christian On Wed, Mar 03, 2021 at 08:40:34AM +0530, Blason R wrote: > Hi Team, > > Just keen to know if any rules or signatures are available for > CVE-2021-26855 > <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26855> > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
