I've just learnt that there is an exploit in the wild which makes it trivially easy to bypass any mod_security version prior to 2.6.6.
EasyApache is currently bundling 2.6.3, which is vulnerable.
Can 2.6.6 be included in EasyApache ASAP? And if it's going to take weeks to implement, is there any way we can manually update mod_security to 2.6.6 until EA has it?
URGENT: mod_security trivial bypass in versions < 2.6.6 (cpanel uses 2.6.3)
Tuesday, 26 June 2012
Posted by Bimo Hery Prabowo at 01.32