CVE-2013-4566

2013-12-12T18:55:00
ID CVE-2013-4566
Type cve
Reporter cve@mitre.org
Modified 2019-04-22T17:48:00

Description

mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.