exploits , vulnerabilities , articles , Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability

Title	Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
Published	2005-09-01-12:00AM
Updated	2005-11-10-02:56PM
Class	Design Error
CVE	CAN-2005-2700
Remote	Yes
Local	No
Credit	The discoverer of this issue is currently unknown.
Vulnerable	Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux 10 F... TurboLinux Personal TurboLinux Multimedia Turbolinux Home Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Secure Enterprise Linux 2.0 Slackware Linux 10.1 Slackware Linux 10.0 Slackware Linux 9.1 Slackware Linux 9.0 Slackware Linux 8.1 Slackware Linux current SGI ProPack 3.0 SP6 S.u.S.E. OpenEnterpriseServer 9.0 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Professional 9.2 x86_64 S.u.S.E. Linux Professional 9.2 S.u.S.E. Linux Professional 9.1 x86_64 S.u.S.E. Linux Professional 9.1 S.u.S.E. Linux Professional 9.0 x86_64 S.u.S.E. Linux Professional 9.0 S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 8 RedHat Stronghold 4.0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Desktop 4.0 RedHat Desktop 3.0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 HP HPUX B.11.23 HP HPUX B.11.22 HP HPUX B.11.11 HP HPUX B.11.00 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 Conectiva Linux 10.0 Avaya Integrated Management 2.1 Avaya Integrated Management Avaya CVLAN Apache Software Foundation Apache 2.1.7 Apache Software Foundation Apache 2.1.6 Apache Software Foundation Apache 2.1.5 Apache Software Foundation Apache 2.1.4 Apache Software Foundation Apache 2.1.3 Apache Software Foundation Apache 2.1.2 Apache Software Foundation Apache 2.1.1 Apache Software Foundation Apache 2.1 Apache Software Foundation Apache 2.0.54 Debian Linux 3.1 Debian Linux 3.1 alpha Debian Linux 3.1 amd64 Debian Linux 3.1 arm Debian Linux 3.1 hppa Debian Linux 3.1 ia32 Debian Linux 3.1 ia64 Debian Linux 3.1 m68k Debian Linux 3.1 mips Debian Linux 3.1 mipsel Debian Linux 3.1 ppc Debian Linux 3.1 s/390 Debian Linux 3.1 sparc Apache Software Foundation Apache 2.0.53 Apache Software Foundation Apache 2.0.52 Apple Mac OS X 10.2.8 Apple Mac OS X 10.3.6 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.3.6 RedHat Desktop 4.0 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux WS 4 Sun Solaris 10.0 Apache Software Foundation Apache 2.0.51 Apache Software Foundation Apache 2.0.50 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Linux Mandrake 10.1 x86_64 Apache Software Foundation Apache 2.0.49 S.u.S.E. Linux Personal 9.1 Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Apache Software Foundation Apache 2.0.48 MandrakeSoft Linux Mandrake 10.0 MandrakeSoft Linux Mandrake 10.0 amd64 S.u.S.E. Linux 8.1 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 9.0 x86_64 Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Apache Software Foundation Apache 2.0.47 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.5 MandrakeSoft Linux Mandrake 9.1 MandrakeSoft Linux Mandrake 9.1 ppc MandrakeSoft Linux Mandrake 9.2 MandrakeSoft Linux Mandrake 9.2 amd64 Apache Software Foundation Apache 2.0.46 RedHat Desktop 3.0 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux WS 3 Trustix Secure Linux 2.0 Apache Software Foundation Apache 2.0.45 Apple Mac OS X 10.0 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.4 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.5 Apple Mac OS X 10.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.6 Conectiva Linux 9.0 Apache Software Foundation Apache 2.0.44 Apache Software Foundation Apache 2.0.43 Apache Software Foundation Apache 2.0.42 Apache Software Foundation Apache 2.0.41 Apache Software Foundation Apache 2.0.40 RedHat Linux 8.0 RedHat Linux 9.0 i386 Terra Soft Solutions Yellow Dog Linux 3.0 Apache Software Foundation Apache 2.0.39 Apache Software Foundation Apache 2.0.38 Apache Software Foundation Apache 2.0.37 Apache Software Foundation Apache 2.0.36 Apache Software Foundation Apache 2.0.35 Apache Software Foundation Apache 2.0.32 Apache Software Foundation Apache 2.0.28 Beta Apache Software Foundation Apache 2.0.28 Apache Software Foundation Apache 2.0 a9 Apache Software Foundation Apache 2.0
Not Vulnerable	Apache Software Foundation Apache 2.1.8 Apache Software Foundation Apache 2.0.55
Code	An exploit is not required to leverage this issue.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability
• 2009-12-04 Achievo Scheduler Category HTML Injection Vulnerability
• 2009-12-04 Yoast Google Analytics for WordPress Plugin 404 Error Page Cross Site Scripting Vulnerability
• 2009-12-04 DevIL DICOM File Handling Remote Buffer Overflow Vulnerability
• 2009-12-04 Invision Power Board Local File Include and SQL Injection Vulnerabilities
• 2009-12-04 Mozilla Firefox Yoono Extension DOM Event Handler Cross Domain Scripting Vulnerability
• 2009-12-04 UBB.threads Multiple File Include Vulnerabilities
• 2009-12-04 Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
• 2009-12-04 Apple Mac OS X Java Applet Certificate Validation Security Bypass Vulnerability
• 2009-12-04 QEMU Virtio Networking Remote Denial of Service Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Sat, 05 Dec 2009 09:53:56 +0000