Apache-SSL Client Certificate Forging Vulnerability

Bugtraq ID: 9590
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Feb 06 2004 12:00AM
Updated: Feb 06 2004 12:00AM
Credit: Discovery of this vulnerability has been credited to Wietse Venema.
Vulnerable: Apache-SSL Apache-SSL 1.47
Apache-SSL Apache-SSL 1.46
+ Apache Software Foundation Apache 1.3.22
Apache-SSL Apache-SSL 1.45
+ Apache Software Foundation Apache 1.3.22
Apache-SSL Apache-SSL 1.44
+ Apache Software Foundation Apache 1.3.22
Apache-SSL Apache-SSL 1.42
+ Apache Software Foundation Apache 1.3.19
+ Apache Software Foundation Apache 1.3.14
Apache-SSL Apache-SSL 1.41
+ Apache Software Foundation Apache 1.3.12
Apache-SSL Apache-SSL 1.40
+ Apache Software Foundation Apache 1.3.12
Apache-SSL Apache-SSL 1.39
+ Apache Software Foundation Apache 1.3.12
Apache-SSL Apache-SSL 1.3.28 +1.52
Not Vulnerable: Apache-SSL Apache-SSL 1.3.29 +1.53


 

Privacy Statement
Copyright 2010, SecurityFocus