Description

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Remediation

References

CVE-2005-1268

Related Vulnerabilities

WordPress Plugin Job Manager Cross-Site Scripting (0.7.24)

Ruby Cryptographic Issues Vulnerability (CVE-2013-4287)

Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.6)

Jenkins Cryptographic Issues Vulnerability (CVE-2014-2061)

Severity

Medium

Classification

CVE-2005-1268 CWE-193

Tags

Missing Update Known Vulnerabilities