Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2005-2700
Description:ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-2700
BugTraq ID: 14721
CERT/CC vulnerability note: VU#744929
Debian Security Information: DSA-805 (Google Search)
Debian Security Information: DSA-807 (Google Search)
HPdes Security Advisory: HPSBUX01232
HPdes Security Advisory: SSRT051043
RedHat Security Advisories: RHSA-2005:608
RedHat Security Advisories: RHSA-2005:773
RedHat Security Advisories: RHSA-2005:816
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:052 (Google Search)
SuSE Security Announcement: SuSE-SA:2006:051 (Google Search)

© 1998-2021 E-Soft Inc. All rights reserved.