Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mod_ssl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0987
mod_digest for Apache prior to 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
Apache Http Server
NA
CVE-2002-0082
The dbm and shm session cache code in mod_ssl prior to 2.8.7-1.3.23, and Apache-SSL prior to 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote malicious users to use a buffer overflow to execute arbitrary code via a large cli...
Apache-ssl Apache-ssl 1.45
Apache-ssl Apache-ssl 1.46
Mod Ssl Mod Ssl 2.8.5
Mod Ssl Mod Ssl 2.8.6
Apache-ssl Apache-ssl 1.42
Apache-ssl Apache-ssl 1.44
Mod Ssl Mod Ssl 2.8.3
Mod Ssl Mod Ssl 2.8.4
Mod Ssl Mod Ssl 2.7.1
Mod Ssl Mod Ssl 2.8
Apache-ssl Apache-ssl 1.40
Apache-ssl Apache-ssl 1.41
Mod Ssl Mod Ssl 2.8.1
Mod Ssl Mod Ssl 2.8.2
3 EDB exploits
3 Github repositories
NA
CVE-2004-0885
The mod_ssl module in Apache 2.0.35 up to and including 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
Apache Http Server 2.0.42
Apache Http Server 2.0.47
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.51
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.38
Apache Http Server 2.0.48
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.46
Apache Http Server 2.0.43
7.8
CVSSv3
CVE-2002-0653
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and previous versions, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
Modssl Mod Ssl
1 EDB exploit
NA
CVE-2004-0751
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote malicious users to cause a denial of service (segmentation fault).
Apache Http Server
1 EDB exploit
NA
CVE-2004-0700
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl prior to 2.8.19 for Apache prior to 1.3.31 may allow remote malicious users to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are ha...
Mod Ssl Mod Ssl 2.4.10
Mod Ssl Mod Ssl 2.4.2
Mod Ssl Mod Ssl 2.4.9
Mod Ssl Mod Ssl 2.5.0
Mod Ssl Mod Ssl 2.6.6
Mod Ssl Mod Ssl 2.7.0
Mod Ssl Mod Ssl 2.8.14
Mod Ssl Mod Ssl 2.8.15
Mod Ssl Mod Ssl 2.8.5
Mod Ssl Mod Ssl 2.8.5.1
Mod Ssl Mod Ssl 2.4.0
Mod Ssl Mod Ssl 2.4.1
Mod Ssl Mod Ssl 2.4.7
Mod Ssl Mod Ssl 2.4.8
Mod Ssl Mod Ssl 2.6.4
Mod Ssl Mod Ssl 2.6.5
Mod Ssl Mod Ssl 2.8.10
Mod Ssl Mod Ssl 2.8.12
Mod Ssl Mod Ssl 2.8.3
Mod Ssl Mod Ssl 2.8.4
Mod Ssl Mod Ssl 2.4.3
Mod Ssl Mod Ssl 2.4.4
NA
CVE-2005-2700
ssl_engine_kernel.c in mod_ssl prior to 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote malicious users to bypass intende...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
NA
CVE-2005-3357
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote malicious users to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer derefere...
Apache Http Server 2.0.42
Apache Http Server 2.0.47
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 2.0.48
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.46
NA
CVE-2004-0488
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote malicious users to execute arbitrary code via a client certificate with a long subject DN.
Apache Http Server
Debian Debian Linux 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
NA
CVE-2004-0492
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote malicious users to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data ...
Hp Webproxy 2.0
Hp Virtualvault 11.0.4
Apache Http Server 1.3.27
Ibm Http Server 1.3.28
Apache Http Server 1.3.28
Apache Http Server 1.3.31
Hp Webproxy 2.1
Ibm Http Server 1.3.26.1
Apache Http Server 1.3.26
Apache Http Server 1.3.29
Sgi Propack 2.4
Ibm Http Server 1.3.26
Ibm Http Server 1.3.26.2
Hp Vvos 11.04
Openbsd Openbsd 3.5
Openbsd Openbsd
Openbsd Openbsd 3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »