LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

apache information disclosure if modssl=yes

Package(s):apache CVE #(s):CAN-2005-2700
Created:September 2, 2005 Updated:November 10, 2005
Description: An information disclosure vulnerability was discovered in mod_ssl, the SSL/TLS module of the Apache webserver. When "SSLVerifyClient optional" was configured in the global virtual host configuration, an "SSLVerifyClient require" in per-location context was not enforced.
Alerts:
Fedora-Legacy FLSA:166941 2005-11-09
Gentoo 200509-12 2005-09-19
SuSE SUSE-SA:2005:052 2005-09-12
Red Hat RHSA-2005:773-01 2005-09-15
Slackware SSA:2005-251-03 2005-09-14
Debian DSA-807-1 2005-09-12
Slackware SSA:2005-251-02 2005-09-09
Fedora FEDORA-2005-849 2005-09-07
Mandriva MDKSA-2005:161 2005-09-08
Fedora FEDORA-2005-848 2005-09-07
Debian DSA-805-1 2005-09-08
Ubuntu USN-177-1 2005-09-07
Red Hat RHSA-2005:608-01 2005-09-06
OpenPKG OpenPKG-SA-2005.017 2005-09-02
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds