The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323789 - | |
References | () http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:200 - | |
References | () http://secunia.com/advisories/17060/ - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/17067 - | |
References | () http://secunia.com/advisories/17348 - | |
References | () http://www.debian.org/security/2005/dsa-844 - Patch, Vendor Advisory | |
References | () http://www.osvdb.org/19863 - | |
References | () http://www.securityfocus.com/bid/15224 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22520 - |
Information
Published : 2005-10-13 21:02
Updated : 2024-11-21 00:00
NVD link : CVE-2005-2963
Mitre link : CVE-2005-2963
CVE.ORG link : CVE-2005-2963
JSON object : View
Products Affected
mod_auth_shadow
- mod_auth_shadow
CWE