Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
13 Feb 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Mar 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2005-08-05 04:00
Updated : 2023-12-10 10:28
NVD link : CVE-2005-1268
Mitre link : CVE-2005-1268
CVE.ORG link : CVE-2005-1268
JSON object : View
Products Affected
redhat
- enterprise_linux_workstation
- enterprise_linux_desktop
- enterprise_linux_server
apache
- http_server
debian
- debian_linux
CWE
CWE-193
Off-by-one Error