New Search

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache when configured to use a CRL allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

oval:org.mitre.oval:def:9589

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache when configured to use a CRL allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-1268
Product(s):