New Search

VirusVault Off-by-One Error in mod_ssl CRL

oval:org.mitre.oval:def:1714

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache when configured to use a CRL allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2005-1268
Product(s):
  • Apache