CVE-2005-1268 Common Vulnerabilities and Exposures

Upstream information

CVE-2005-1268 at MITRE

Description

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 118271 [RESOLVED / FIXED], 118272 [RESOLVED / FIXED], 118274 [RESOLVED / FIXED], 186167 [RESOLVED / FIXED], 95709 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SA:2005:046, published Tue, 16 Aug 2005 07:00:00 +0000
SUSE-SR:2005:018, published Thu, 28 Jul 2005 13:00:00 +0000

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:15:00 2013
CVE page last modified: Fri Dec 8 16:12:22 2023