4 matches found
CVE-2013-4566
The CVE-2013-4566 issue affects mod_nss 1.0.8 and earlier when NSSVerifyClient is set to none for the server/vhost context, failing to enforce the directory-context NSSVerifyClient setting and potentially bypassing access restrictions. Public documents detail this vulnerability and reference a fi...
CVE-2015-5244
The CVE-2015-5244 entry refers to a vulnerability in the NSSCipherSuite option when ciphersuites are enabled in mod_nss prior to 1.0.12, which can allow remote attackers to bypass application restrictions. Connected sources confirm the affected component as mod_nss / apache2-mod_nss and indicate ...
CVE-2011-4973
The CVE-2011-4973 issue affects mod_nss 1.0.8, where an authentication bypass allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password. The linked documents corroborate this same description across multiple feeds; the NVD me...
CVE-2015-3277
CVE-2015-3277 affects the mod_nss module in Fedora, vulnerable versions are before 1.0.11. The root cause is incorrect parsing of multi-keyword cipherstrings, allowing remote attackers to obtain cipher lists. Impact is information disclosure of cipher lists; CVSS v3 base 7.5 (HIGH) per NVD. Remed...