apache-ssl

apache-ssl/apache-ssl: The latest CVE Vulnerabilities and Exploits for Penetration Test

apache-ssl/apache-ssl Vulnerability Summary Vendor name: apache-ssl Product name: apache-ssl Total vulnerabilities: 3 (as 2023-05-04) apache-ssl/apache-ssl Vulnerability List CVE-2008-0555: The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1)… Published: 2008-04-04T00:44:00 Last Modified: 2018-10-15T22:01:00 Summary The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) ‘/’ and (2) ‘=’ characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.