LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

apache information disclosure if modssl=yes

Package(s):apache CVE #(s):CAN-2005-2700
Created:September 2, 2005 Updated:November 10, 2005
Description: An information disclosure vulnerability was discovered in mod_ssl, the SSL/TLS module of the Apache webserver. When "SSLVerifyClient optional" was configured in the global virtual host configuration, an "SSLVerifyClient require" in per-location context was not enforced.
Alerts:
Fedora-Legacy FLSA:166941 2005-11-09
Gentoo 200509-12 2005-09-19
SuSE SUSE-SA:2005:052 2005-09-12
Red Hat RHSA-2005:773-01 2005-09-15
Slackware SSA:2005-251-03 2005-09-14
Debian DSA-807-1 2005-09-12
Slackware SSA:2005-251-02 2005-09-09
Fedora FEDORA-2005-849 2005-09-07
Mandriva MDKSA-2005:161 2005-09-08
Fedora FEDORA-2005-848 2005-09-07
Debian DSA-805-1 2005-09-08
Ubuntu USN-177-1 2005-09-07
Red Hat RHSA-2005:608-01 2005-09-06
OpenPKG OpenPKG-SA-2005.017 2005-09-02
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds