Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2004:054: mod_ssl Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mod_ssl package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2004:054 (mod_ssl).

A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in
ssl_engine_kernel.c in mod_ssl for Apache 1.3.x. When mod_ssl is configured to
trust the issuing CA, a remote attacker may be able to execute arbitrary code
via a client certificate with a long subject DN.
The provided packages are patched to prevent this problem.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.