CVE-2011-4973

Опубликовано: 15 фев. 2018

Источник: debian

Описание

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libapache2-mod-nss	fixed	1.0.8-4		package
libapache2-mod-nss	no-dsa		wheezy	package

Примечания

https://www.redhat.com/archives/mod_nss-list/2011-May/msg00001.html
https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=a6c3370491ae1d3bc552e8de9353c82f73e510e3
https://bugzilla.redhat.com/show_bug.cgi?id=1017197

Связанные уязвимости

CVE-2011-4973

CVSS3: 9.8

ubuntu

почти 8 лет назад

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

CVE-2011-4973

redhat

почти 15 лет назад

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

CVE-2011-4973

CVSS3: 9.8

nvd

почти 8 лет назад

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

GHSA-mmjq-r7xw-fqr8

CVSS3: 9.8

github

больше 3 лет назад

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.