EUVD-2005-1271

Malware in sbrugna...

DEBIAN-CVE-2025-49812

In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

K5278: Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700

Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...

SUSE CVE-2005-1268

Off-by-one error in the modssl Certificate Revocation List CRL verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service child process crash via a CRL that causes a buffer overflow of one null byte...

OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)

Usual Mandatory Disclaimer: IANAC I am not a cryptographer so I might likely end up writing a bunch of mistakes in this blog post... tl;dr The OpenSSL 1.0.2 releases suffer from a Key Recovery Attack on DH small subgroups. This issue got assigned CVE-2016-0701 with a severity of High and OpenSSL...

FreeBSD Ports: apache+mod_ssl

The remote host is missing an update to the system as announced in the referenced advisory. VID 18974c8a-1fbd-11d9-814e-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: ru-apache+mod_ssl

The remote host is missing an update to the system as announced in the referenced advisory. VID 4238151d-207a-11d9-bfe2-0090962cff2a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: ru-apache+mod_ssl

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2005-3357

modssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service application crash via a non-SSL request to an SSL port, which triggers a NULL pointer dereference...

FreeBSD : apache+mod_ssl* (2092)

The following package needs to be updated: apache+modssl %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF,...

FreeBSD : apache+mod_ssl* (1778)

The following package needs to be updated: apache+modssl %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF,...

CVE-2004-0885

The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...

CVE-2004-0885

The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...

CVE-2004-0748

modssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service CPU consumption by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop...

CVE-2004-0751

The charbufferread function in the modssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service segmentation fault...

CVE-2004-0751

The charbufferread function in the modssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service segmentation fault...

CVE-2004-0885

The modssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration...

CVE-2004-0751

The charbufferread function in the modssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service segmentation fault...

Apache mod_ssl 2.0.x - Remote Denial of Service

source: https://www.securityfocus.com/bid/11154/info Apache 2.x modssl is reported prone to a remote denial of service vulnerability. This issue likely exists because the application fails to handle exceptional conditions. The vulnerability originates in the 'charbufferread' function of the...

Apache mod_ssl 2.0.x - Remote Denial of Service

Apache modssl 2.0.x - Remote Denial of Service source: https://www.securityfocus.com/bid/11154/info Apache 2.x modssl is reported prone to a remote denial of service vulnerability. This issue likely exists because the application fails to handle exceptional conditions. The vulnerability originate...