Back to search
CVE-2005-2700
Published: Sep 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
16705
third-party-advisory
x_refsource_SECUNIA
DSA-807
vendor-advisory
x_refsource_DEBIAN
SSRT051043
vendor-advisory
x_refsource_HP
RHSA-2005:608
vendor-advisory
x_refsource_REDHAT
16700
third-party-advisory
x_refsource_SECUNIA
17813
third-party-advisory
x_refsource_SECUNIA
16743
third-party-advisory
x_refsource_SECUNIA
16753
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
x_refsource_CONFIRM
HPSBUX01232
vendor-advisory
x_refsource_HP
ADV-2005-2659
vdb-entry
x_refsource_VUPEN
17088
third-party-advisory
x_refsource_SECUNIA
TSLSA-2005-0059
vendor-advisory
x_refsource_TRUSTIX
22523
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2005:051
vendor-advisory
x_refsource_SUSE
16748
third-party-advisory
x_refsource_SECUNIA
USN-177-1
vendor-advisory
x_refsource_UBUNTU
http://people.apache.org/~jorton/CAN-2005-2700.diff
x_refsource_CONFIRM
16754
third-party-advisory
x_refsource_SECUNIA
MDKSA-2005:161
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:10416
vdb-entry
signature
x_refsource_OVAL
RHSA-2005:773
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195
x_refsource_CONFIRM
SuSE-SA:2006:051
vendor-advisory
x_refsource_SUSE
RHSA-2005:816
vendor-advisory
x_refsource_REDHAT
16789
third-party-advisory
x_refsource_SECUNIA
16714
third-party-advisory
x_refsource_SECUNIA
16769
third-party-advisory
x_refsource_SECUNIA
ADV-2006-4207
vdb-entry
x_refsource_VUPEN
17288
third-party-advisory
x_refsource_SECUNIA
16956
third-party-advisory
x_refsource_SECUNIA
19072
third-party-advisory
x_refsource_SECUNIA
21848
third-party-advisory
x_refsource_SECUNIA
19188
vdb-entry
x_refsource_OSVDB
ADV-2005-1625
vdb-entry
x_refsource_VUPEN
16771
third-party-advisory
x_refsource_SECUNIA
16746
third-party-advisory
x_refsource_SECUNIA
GLSA-200509-12
vendor-advisory
x_refsource_GENTOO
SUSE-SA:2005:052
vendor-advisory
x_refsource_SUSE
DSA-805
vendor-advisory
x_refsource_DEBIAN
14721
vdb-entry
x_refsource_BID
19073
third-party-advisory
x_refsource_SECUNIA
[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33
mailing-list
x_refsource_MLIST
VU#744929
third-party-advisory
x_refsource_CERT-VN
OpenPKG-SA-2005.017
vendor-advisory
x_refsource_OPENPKG
16864
third-party-advisory
x_refsource_SECUNIA
17311
third-party-advisory
x_refsource_SECUNIA
102197
vendor-advisory
x_refsource_SUNALERT
102198
vendor-advisory
x_refsource_SUNALERT
ADV-2006-0789
vdb-entry
x_refsource_VUPEN
[httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
mailing-list
x_refsource_MLIST
[httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now