Bug#662947: libapache-mod-security: Rule execution error - PCRE limits exceeded (-8): (null)

Wed, 07 Mar 2012 05:57:29 -0800 

Package: libapache-mod-security
Version: 2.5.12-1
Severity: normal

Hi,

I'm getting this message on multiple web pages:
| Message: Rule execution error - PCRE limits exceeded (-8): (null).
| Message: Access denied with code 403 (phase 2). Match of "streq 0"
|   against"TX:MSC_PCRE_LIMITS_EXCEEDED" required. [file
|   "/etc/modsecurity/00debian7.conf"] [line "93"] [msg "ModSecurity
|   internal error flagged: TX:MSC_PCRE_LIMITS_EXCEEDED"]
| Action: Intercepted (phase 2)
| Stopwatch: 1331122914310502 8477 (1514 8124 -)
| Producer: ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/); core 
ruleset/2.2.3.
| Server: Apache/2.2.16 (Debian)

The file 00debian7.conf is in fact 'modsecurity.conf-recommended' from
Debian package version 2.6.3-1 with small changes to make it start with
libapache-mod-security from Debian 6.0.
# s%REQBODY_ERROR%REQBODY_PROCESSOR_ERROR%
# s%^\(SecRequestBodyLimitAction\)%#\1%

These are caused by legitimate web access requests.
Removing/disabling SecPcreMatchLimit parameters doesn't change anything.
Increasing to 10000000 doesn't help either. Thus, this appears to be
an internal error of ModSecurity.

Thanks

-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache-mod-security depends on:
ii  apache2.2-common   2.2.16-6+squeeze6     Apache HTTP Server common files
ii  libc6              2.11.3-3              Embedded GNU C Library: Shared lib
ii  liblua5.1-0        5.1.4-5               Simple, extensible, embeddable pro
ii  libpcre3           8.02-1.1              Perl 5 Compatible Regular Expressi
ii  libxml2            2.7.8.dfsg-2+squeeze3 GNOME XML library
ii  mod-security-commo 2.5.12-1              Tighten web applications security 

libapache-mod-security recommends no packages.

libapache-mod-security suggests no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to