Apache HTTP Server Vulnerability - CVE-2005-2700 - Vulnerability Database

Apache HTTP Server Vulnerability - CVE-2005-2700

Critical

Reference: CVE-2005-2700

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2005-2700

Title: Apache HTTP Server Vulnerability

Overview:

ssl_engine_kernel.c in mod_ssl before 2.8.24 when using quotSSLVerifyClient optionalquot in the global virtual host configuration does not properly enforce quotSSLVerifyClient requirequot in a per-location context which allows remote attackers to bypass intended access restrictions.