Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2005-08-05 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-1268
Mitre link : CVE-2005-1268
CVE.ORG link : CVE-2005-1268
JSON object : View
Products Affected
debian
- debian_linux
redhat
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_workstation
apache
- http_server
CWE
CWE-193
Off-by-one Error