Lucene search
GoogleOSV:DSA-135HistoryJul 02, 2002 - 12:00 a.m.
libapache-mod-ssl -- buffer overflow / DoS
2002-07-0200:00:00
Google
osv.dev
19
EPSS
0.001
Percentile
26.9%
The libapache-mod-ssl package provides SSL capability to the apache
webserver.
Recently, a problem has been found in the handling of .htaccess files,
allowing arbitrary code execution as the web server user (regardless of
ExecCGI / suexec settings), DoS attacks (killing off apache children), and
allowing someone to take control of apache child processes - all through
specially crafted .htaccess files.
This has been fixed in the libapache-mod-ssl_2.4.10-1.3.9-1potato2 package
(for potato), and the libapache-mod-ssl_2.8.9-2 package (for woody).
We recommend you upgrade as soon as possible.
References
Related
nessus
nessus
Apache mod_ssl ssl_compat_directive Function Overflow
2002-07-02 00:00:00
Debian DSA-135-1 : libapache-mod-ssl - buffer overflow / DoS
2004-09-29 00:00:00
RHEL 2.1 : mod_ssl (RHSA-2002:136)
2004-07-06 00:00:00
cve
cve
CVE-2002-0653
2003-04-02 05:00:00
openvas
openvas
Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
2008-01-17 00:00:00
mod_ssl off by one
2005-11-03 00:00:00
Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
2008-01-17 00:00:00
cert
cert
Buffer Overflow in mod_ssl
2003-04-17 00:00:00
Integer overflow in xdr_array() function when deserializing the XDR stream
2002-08-01 00:00:00
exploitdb
exploitdb
Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
2002-06-22 00:00:00
cvelist
cvelist
CVE-2002-0653
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0653
2002-07-11 04:00:00
suse
suse
local privilege escalation in mod_ssl, mm
2002-07-31 16:22:10
slackware
slackware
SSA-2002-0731201128
2002-07-31 20:11:28
Security updates for Slackware 8.1
2002-07-31 13:11:28
f5
f5
K000138057 : mod_ssl vulnerabilities CVE-2002-1157 and CVE-2002-0653
2023-12-27 00:00:00