VDB
CVE-2005-2700
CVE-2005-2700
PUBLISHED
Reported by redhat · Published September 6, 2005
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Sep 6, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 18, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Apr 7, 2025 EPSS Score
- Apr 8, 2025 EPSS Score
- Apr 9, 2025 EPSS Score
- Apr 10, 2025 EPSS Score
- Apr 14, 2025 EPSS Score
- May 1, 2025 EPSS Score
References
- 16705 third-party-advisoryx_refsource_SECUNIA
- DSA-807 vendor-advisoryx_refsource_DEBIAN
- SSRT051043 vendor-advisoryx_refsource_HP
- RHSA-2005:608 vendor-advisoryx_refsource_REDHAT
- 16700 third-party-advisoryx_refsource_SECUNIA
- 17813 third-party-advisoryx_refsource_SECUNIA
- 16743 third-party-advisoryx_refsource_SECUNIA
- 16753 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- ADV-2005-2659 vdb-entryx_refsource_VUPEN
- 17088 third-party-advisoryx_refsource_SECUNIA
- TSLSA-2005-0059 vendor-advisoryx_refsource_TRUSTIX
- 22523 third-party-advisoryx_refsource_SECUNIA
- SUSE-SA:2005:051 vendor-advisoryx_refsource_SUSE
- 16748 third-party-advisoryx_refsource_SECUNIA
- USN-177-1 vendor-advisoryx_refsource_UBUNTU
- x_refsource_CONFIRM
- 16754 third-party-advisoryx_refsource_SECUNIA
- MDKSA-2005:161 vendor-advisoryx_refsource_MANDRIVA
- oval:org.mitre.oval:def:10416 vdb-entrysignaturex_refsource_OVAL
…and 44 more