mod_nss 1.0.8 and previous versions, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote malicious users to bypass intended access restrictions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mod nss project mod nss 1.0.5 |
||
mod nss project mod nss 1.0.4 |
||
mod nss project mod nss 1.0.3 |
||
mod nss project mod nss 1.0.2 |
||
mod nss project mod nss |
||
mod nss project mod nss 1.0 |
||
mod nss project mod nss 1.0.7 |
||
mod nss project mod nss 1.0.6 |
||
redhat enterprise linux 5 |
||
redhat enterprise linux 6.0 |