Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CAN-2005-2700
Beschreibung:ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
Test Kennungen:  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2005-2700
BugTraq ID: 14721
CERT/CC vulnerability note: VU#744929
Debian Security Information: DSA-805 (Google Search)
Debian Security Information: DSA-807 (Google Search)
HPdes Security Advisory: HPSBUX01232
HPdes Security Advisory: SSRT051043
RedHat Security Advisories: RHSA-2005:608
RedHat Security Advisories: RHSA-2005:773
RedHat Security Advisories: RHSA-2005:816
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:052 (Google Search)
SuSE Security Announcement: SuSE-SA:2006:051 (Google Search)

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.