| VID | 22243 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The Apache Web server, according to its banner, has an Apache-SSL client certificate forging vulnerability. Ben Laurie's Apache-SSL is a freely available secure Web server based on Apache and SSLeay/OpenSSL. When SSLFakeBasicAuth is enabled, Apache-SSL turns the one-line distinguished name of the client's certificate into a basic-authentication user name and pairs it with a fixed password ("password" by default). In versions 1.3.28/1.52 and earlier, if SSLVerifyClient is set to '1' or '3' (client certificates optional), the server also accepts ordinary HTTP basic authentication carrying such a name, so a client that presents no certificate at all can impersonate a certificate holder by sending the holder's one-line certificate name together with the fixed password, and thereby gain unauthorized access to resources the server protects on the basis of client certificates.
* Note: This check relies solely on the banner of the remote Apache Web server (no active probing of the configuration), so the result may be a false positive.
* References: http://www.securityfocus.com/archive/1/353029 http://www.securiteam.com/unixfocus/5TP022AC0E.html
* Platforms Affected: Ben Laurie Apache-SSL 1.3.28/1.52 and earlier; Linux, any version; Microsoft Windows, any version |
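The following Python script is an added illustration and is not part of this database entry or of Apache-SSL itself. It shows the three things a practitioner wants from the description above: what the forged Authorization header looks like (the one-line certificate name as user, the fixed password "password"), a configuration check that flags the exact combination the entry names (SSLFakeBasicAuth on while SSLVerifyClient is 1 or 3), and the banner-only test the scanner performs, with its false-positive risk. The sample DN, the config fragments, the directive spellings (numeric SSLVerifyClient, on/off SSLFakeBasicAuth) and the "Ben-SSL/<version>" Server-header layout are assumptions made for the example.

```python
import base64
import re

# Fixed password Apache-SSL pairs with SSLFakeBasicAuth user names (from the entry above).
FAKE_BASIC_AUTH_PASSWORD = "password"

# Constructed sample: a one-line certificate name in the "/C=.../CN=..." layout.
SAMPLE_DN = "/C=GB/O=Example Ltd/CN=alice"

# Constructed config fragments. Directive spellings (numeric SSLVerifyClient,
# on/off SSLFakeBasicAuth) are assumed from the entry, not copied from Apache-SSL docs.
VULNERABLE_CONFIG = """
SSLVerifyClient 1
SSLFakeBasicAuth on
<Location /private>
    AuthType Basic
    AuthName "client certificates"
    AuthUserFile /etc/apache-ssl/fakeusers
    require valid-user
</Location>
"""

# Same site with client certificates required (SSLVerifyClient 2), so the
# optional-certificate condition the entry describes no longer holds.
HARDENED_CONFIG = """
SSLVerifyClient 2
SSLFakeBasicAuth on
<Location /private>
    AuthType Basic
    AuthName "client certificates"
    AuthUserFile /etc/apache-ssl/fakeusers
    require valid-user
</Location>
"""


def forged_basic_auth_header(one_line_dn: str) -> str:
    """Authorization header a client sends to impersonate `one_line_dn`
    without presenting a certificate: the fake-auth user name is the DN,
    the password is the fixed default."""
    raw = f"{one_line_dn}:{FAKE_BASIC_AUTH_PASSWORD}".encode()
    return "Basic " + base64.b64encode(raw).decode()


def decode_basic(header: str) -> tuple:
    """Split a Basic Authorization header back into (user, password)."""
    scheme, _, token = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic Authorization header")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password


_DIRECTIVE = re.compile(r"^\s*(SSLVerifyClient|SSLFakeBasicAuth)\s+(\S+)", re.I | re.M)


def fake_basic_auth_exposed(config_text: str) -> bool:
    """True when SSLFakeBasicAuth is on while client certificates are optional
    (SSLVerifyClient 1 or 3): the combination the entry describes.
    Takes the last value of each directive; per-VirtualHost scope is not modelled."""
    settings = {name.lower(): value for name, value in _DIRECTIVE.findall(config_text)}
    fake_auth = settings.get("sslfakebasicauth", "off").lower()
    verify = settings.get("sslverifyclient", "0")
    return fake_auth in ("on", "1") and verify in ("1", "3")


# Assumed banner layout: Apache-SSL appends "Ben-SSL/<version>" to the Server header.
_BEN_SSL = re.compile(r"Ben-SSL/(\d+)\.(\d+)")


def banner_indicates_vulnerable(server_header: str) -> bool:
    """Banner-only test like the scanner's: Apache-SSL older than 1.53.
    It inherits the scanner's false-positive risk (no config is inspected)."""
    m = _BEN_SSL.search(server_header)
    if not m:
        return False
    return (int(m.group(1)), int(m.group(2))) < (1, 53)


if __name__ == "__main__":
    print("forged header:", forged_basic_auth_header(SAMPLE_DN))
    print("vulnerable config exposed:", fake_basic_auth_exposed(VULNERABLE_CONFIG))
    print("hardened config exposed:", fake_basic_auth_exposed(HARDENED_CONFIG))
    print("banner check:", banner_indicates_vulnerable("Apache/1.3.28 Ben-SSL/1.52 (Unix)"))
```

Run it against a copy of the server's httpsd.conf rather than trusting the banner alone: the configuration check confirms the finding the banner test can only suggest. Requiring certificates (SSLVerifyClient 2) removes the optional-certificate condition the entry names, but the entry's recommendation remains the upgrade to 1.3.29/1.53 or later.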
| Recommendation | Upgrade to Apache-SSL 1.3.29/1.53 or later, available from the Apache-SSL Web site at http://www.apache-ssl.org |
| Related URL | CVE-2004-0009 (CVE) |
| Related URL | 9590 (SecurityFocus) |
| Related URL | 15065 (ISS) |