IDCVSSSummaryLast (major) updatePublished
CVE-2004-0009 7.5
Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
10-10-2017 - 01:30 03-03-2004 - 05:00
CVE-2008-0555 7.5
The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafte
15-10-2018 - 22:01 04-04-2008 - 00:44
CVE-2002-0082 7.5
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary
18-10-2016 - 02:16 15-03-2002 - 05:00
Back to Top Mark selected
Back to Top