DescriptionOff-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2005:046, published Tue, 16 Aug 2005 07:00:00 +0000
- SUSE-SR:2005:018, published Thu, 28 Jul 2005 13:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:15:00 2013
CVE page last modified: Fri Oct 7 12:45:30 2022