mod-security-developers

[Breno S. P. (JIRA) <no...@mo...>]

     [ https://www.modsecurity.org/tracker/browse/MODSEC-19?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-19.
-------------------------------------

    Resolution: Not a Bug

> Final boundary missing with Docushare
> -------------------------------------
>
>                 Key: MODSEC-19
>                 URL: https://www.modsecurity.org/tracker/browse/MODSEC-19
>             Project: ModSecurity
>          Issue Type: Improvement
>      Security Level: Normal
>          Components: Core
>    Affects Versions: 2.5.6
>         Environment: purely a rule issue I think?
>            Reporter: Jason Haar
>            Assignee: Breno Silva Pinto
>             Fix For: 2.6.0
>
>         Attachments: dump.tgz, httpTx-215272.dat.bz2, sample.log.gz
>
>
> Docushare (from Xerox) has a "native" win32 client that allows users to "mount" Docushare servers - so they can drag-n-drop. I think it was sort of a precursor to WebDAV? From what I've seen, it reminds me a bit of a Windows subversion client app -  TortoiseSVN
> Anyway, I am seeing modsec blocking users from using this native app. I see "ModSecurity: Multipart parsing error: Multipart: Final boundary missing" trigger, followed directly by 960912 - "Warning. Match of "eq 0" against "REQBODY_PROCESSOR_ERROR" required"
> I'll attach the modaudit dump of the event - after removing the content.
> [Sun Sep 14 09:08:57 2008] [error] [client 192.168.0.182] ModSecurity: Warning. Match of "eq 0" against "REQBODY_PROCESSOR_ERROR" required. [file "/etc/httpd/modsecurity.d/modsecurity_crs_20_protocol_violations.conf"] [line "31"] [id "960912"] [msg "Request Body Parsing Failed. Multipart parsing error: Multipart: Final boundary missing."] [severity "CRITICAL"] [hostname "hst.domain.com"] [uri "/docushare/dscgi/ds.py/ApplyUpload/File-287346"] [unique_id "dsx7wQoBPEEAADLnULsAAAAy"]
> [Sun Sep 14 09:09:27 2008] [error] [client 192.168.0.182] ModSecurity: Multipart parsing error: Multipart: Final boundary missing. [hostname "hst.domain.com"] [uri "/docushare/dscgi/ds.py/ApplyUpload/File-287347"] [unique_id "eDBmKQoBPEEAADLnULwAAAAy"]

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://www.modsecurity.org/tracker/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira