5 matches found
mod_nss: FakeBasicAuth authentication bypass
Authentication bypass vulnerability in modnss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password...
GLSA-200406-05 : Apache: Buffer overflow in mod_ssl
The remote host is affected by the vulnerability described in GLSA-200406-05 Apache: Buffer overflow in modssl A bug in the function sslutiluuencodebinary in sslutil.c may lead to a remote buffer overflow on a server configured to use FakeBasicAuth that will trust a client certificate with an...
Important: Red Hat Security Advisory: httpd security update
Updated httpd packages that fix a buffer overflow in modssl and a remotely triggerable memory leak are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. A stack buffer overflow was discovered in modssl that could be triggered if using...
Apache Httpd < 2.0.50 : FakeBasicAuth overflow
A buffer overflow in the modssl FakeBasicAuth code could be exploited by an attacker using a trusted client certificate with a subject DN field which exceeds 6K in length...
Apache OpenSSL buffer overflow
Buffer overflow if SSLOptions +FakeBasicAuth is used...