Lucene search
Veracode Vulnerability DatabaseVERACODE:10796HistoryJan 15, 2019 - 8:52 a.m.
Authorization Bypass
2019-01-1508:52:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.007 Low
EPSS
Percentile
80.3%
mod_nss is vulnerable to authorization bypass attacks. The vulnerability exists in mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
Related
nessus
nessus
RHEL 5 / 6 : mod_nss (RHSA-2013:1779)
2013-12-04 00:00:00
Amazon Linux AMI : mod24_nss (ALAS-2013-254)
2013-12-10 00:00:00
Fedora 18 : mod_nss-1.0.8-27.fc18 (2013-22786)
2013-12-13 00:00:00
openvas
openvas
Fedora Update for mod_nss FEDORA-2013-22787
2013-12-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1926-1)
2021-06-09 00:00:00
Fedora Update for mod_nss FEDORA-2013-22730
2014-02-03 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mod_nss-1.0.8-27.fc19
2013-12-13 05:03:58
[SECURITY] Fedora 20 Update: mod_nss-1.0.8-28.fc20
2013-12-14 03:03:31
[SECURITY] Fedora 18 Update: mod_nss-1.0.8-27.fc18
2013-12-13 05:05:02
ubuntucve
ubuntucve
CVE-2013-4566
2013-12-12 00:00:00
prion
prion
Design/Logic Flaw
2013-12-12 18:55:00
redhat
redhat
(RHSA-2013:1779) Moderate: mod_nss security update
2013-12-03 00:00:00
amazon
amazon
Medium: mod24_nss
2013-12-03 13:00:00
Medium: mod_nss
2013-12-03 13:00:00
cvelist
cvelist
CVE-2013-4566
2013-12-12 18:00:00
nvd
nvd
CVE-2013-4566
2013-12-12 18:55:10
oraclelinux
oraclelinux
mod_nss security update
2013-12-03 00:00:00
centos
centos
mod_nss security update
2013-12-03 22:51:46
debiancve
debiancve
CVE-2013-4566
2013-12-12 18:55:00
cve
cve
CVE-2013-4566
2013-12-12 18:55:10
mageia
mageia
Updated apache-mod_nss package fixes CVE-2013-4566
2013-12-20 21:27:18