|
|
Subscribe / Log in / New account

apache information disclosure if modssl=yes

Package(s):apache CVE #(s):CAN-2005-2700
Created:September 2, 2005 Updated:November 10, 2005
Description: An information disclosure vulnerability was discovered in mod_ssl, the SSL/TLS module of the Apache webserver. When "SSLVerifyClient optional" was configured in the global virtual host configuration, an "SSLVerifyClient require" in per-location context was not enforced.
Alerts:
Fedora-Legacy FLSA:166941 httpd 2005-11-09
Gentoo 200509-12 mod_ssl 2005-09-19
SuSE SUSE-SA:2005:052 apache2 2005-09-12
Red Hat RHSA-2005:773-01 mod_ssl 2005-09-15
Slackware SSA:2005-251-03 multi 2005-09-14
Debian DSA-807-1 libapache-mod-ssl 2005-09-12
Slackware SSA:2005-251-02 mod_ssl 2005-09-09
Fedora FEDORA-2005-849 httpd 2005-09-07
Mandriva MDKSA-2005:161 apache2 2005-09-08
Fedora FEDORA-2005-848 httpd 2005-09-07
Debian DSA-805-1 apache2 2005-09-08
Ubuntu USN-177-1 apache2, libapache-mod-ssl 2005-09-07
Red Hat RHSA-2005:608-01 httpd 2005-09-06
OpenPKG OpenPKG-SA-2005.017 apache/modssl (apache::with_mod_ssl=yes only) 2005-09-02
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds