Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-1268HistoryAug 05, 2005 - 4:00 a.m.
CVE-2005-1268
2005-08-0504:00:00
Debian Security Bug Tracker
security-tracker.debian.org
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.4%
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apache2 | < 2.0.54-5 | apache2_2.0.54-5_all.deb |
| Debian | 11 | all | apache2 | < 2.0.54-5 | apache2_2.0.54-5_all.deb |
| Debian | 10 | all | apache2 | < 2.0.54-5 | apache2_2.0.54-5_all.deb |
| Debian | 999 | all | apache2 | < 2.0.54-5 | apache2_2.0.54-5_all.deb |
| Debian | 13 | all | apache2 | < 2.0.54-5 | apache2_2.0.54-5_all.deb |
Related
nessus
nessus
FreeBSD : apache -- Certificate Revocation List (CRL) off-by-one vulnerability (e936d612-253f-11da-bc01-000e0c2e438a)
2006-05-13 00:00:00
SUSE-SA:2005:046: apache,apache2
2005-10-05 00:00:00
Mandrake Linux Security Advisory : apache2 (MDKSA-2005:129)
2005-10-05 00:00:00
openvas
openvas
FreeBSD Ports: apache
2008-09-04 00:00:00
FreeBSD Ports: apache
2008-09-04 00:00:00
SLES9: Security update for Apache 2 oes/CORE
2009-10-10 00:00:00
cve
cve
CVE-2005-1268
2005-08-05 04:00:00
ubuntucve
ubuntucve
CVE-2005-1268
2005-08-05 00:00:00
freebsd
freebsd
apache -- Certificate Revocation List (CRL) off-by-one vulnerability
2005-07-12 00:00:00
httpd
httpd
Apache Httpd < 2.0.55 : Malicious CRL off-by-one
2005-10-14 00:00:00
ubuntu
ubuntu
Apache 2 vulnerabilities
2005-08-04 00:00:00
centos
centos
httpd, mod_ssl security update
2005-07-25 10:13:58
suse
suse
authentication bypass in apache,apache2
2005-08-16 08:42:40
redhat
redhat
(RHSA-2005:582) httpd security update
2005-07-25 00:00:00
debian
debian
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
osv
osv
apache2 - several
2005-09-08 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.4%
Related for DEBIANCVE:CVE-2005-1268