CVE-2005-1268

EPSS 4.3%

apache2 - several

Published: 8/5/2005Modified: 4/28/2026

Description

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Affected packages (2)

Debian/apache2from 0, < 2.0.54-5
Debian/apache2from 0, < 2.0.54-5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-1268