Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2008-0555

Опубликовано: 04 апр. 2008
Источник: debian

Описание

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
apacheremovedpackage
apacheno-dsaetchpackage

Примечания

  • Only affects the apache-ssl package, not apache or apache-perl.

  • Only relevant if the attacker can get a CA that is trusted by the server

  • to sign client certs with arbitrary CN, but cannot influence the contents

  • of the other DN fields.

  • OTOH, the configuration used in Debian's apache-ssl 1.55 (per-dir

  • ssl-renegotiation switched off), has obviously not been tested by upstream

  • with 1.59 (it doesn't even compile).

  • Also, upstream's fix breaks API/ABI compatibility in some corner cases.

  • While these cases are not really supported by Debian, all in all the low

  • severity of the issue is not in proportion to the risk of breaking something

  • with the fix.

Связанные уязвимости

ubuntu логотип

CVE-2008-0555

ubuntu
больше 17 лет назад

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.

nvd логотип

CVE-2008-0555

nvd
больше 17 лет назад

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.

github логотип

GHSA-7843-hchm-wf25

github
больше 3 лет назад

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.