Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl prior to 2.8.19 for Apache prior to 1.3.31 may allow remote malicious users to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mod ssl mod ssl 2.4.10 |
||
mod ssl mod ssl 2.4.2 |
||
mod ssl mod ssl 2.4.9 |
||
mod ssl mod ssl 2.5.0 |
||
mod ssl mod ssl 2.6.6 |
||
mod ssl mod ssl 2.7.0 |
||
mod ssl mod ssl 2.8.14 |
||
mod ssl mod ssl 2.8.15 |
||
mod ssl mod ssl 2.8.5 |
||
mod ssl mod ssl 2.8.5.1 |
||
mod ssl mod ssl 2.4.0 |
||
mod ssl mod ssl 2.4.1 |
||
mod ssl mod ssl 2.4.7 |
||
mod ssl mod ssl 2.4.8 |
||
mod ssl mod ssl 2.6.4 |
||
mod ssl mod ssl 2.6.5 |
||
mod ssl mod ssl 2.8.10 |
||
mod ssl mod ssl 2.8.12 |
||
mod ssl mod ssl 2.8.3 |
||
mod ssl mod ssl 2.8.4 |
||
mod ssl mod ssl 2.4.3 |
||
mod ssl mod ssl 2.4.4 |
||
mod ssl mod ssl 2.5.1 |
||
mod ssl mod ssl 2.6.0 |
||
mod ssl mod ssl 2.7.1 |
||
mod ssl mod ssl 2.8.0 |
||
mod ssl mod ssl 2.8.16 |
||
mod ssl mod ssl 2.8.17 |
||
mod ssl mod ssl 2.8.5.2 |
||
mod ssl mod ssl 2.8.6 |
||
mod ssl mod ssl 2.8.7 |
||
mod ssl mod ssl 2.3.11 |
||
mod ssl mod ssl 2.4.5 |
||
mod ssl mod ssl 2.4.6 |
||
mod ssl mod ssl 2.6.1 |
||
mod ssl mod ssl 2.6.2 |
||
mod ssl mod ssl 2.6.3 |
||
mod ssl mod ssl 2.8.1 |
||
mod ssl mod ssl 2.8.1.2 |
||
mod ssl mod ssl 2.8.18 |
||
mod ssl mod ssl 2.8.2 |
||
mod ssl mod ssl 2.8.8 |
||
mod ssl mod ssl 2.8.9 |
||
gentoo linux 1.4 |