7.5
CVE-2004-0885
- EPSS 13.84%
- Veröffentlicht 03.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ HTTP Server Version2.0.35
Apache ≫ HTTP Server Version2.0.36
Apache ≫ HTTP Server Version2.0.37
Apache ≫ HTTP Server Version2.0.38
Apache ≫ HTTP Server Version2.0.39
Apache ≫ HTTP Server Version2.0.40
Apache ≫ HTTP Server Version2.0.41
Apache ≫ HTTP Server Version2.0.42
Apache ≫ HTTP Server Version2.0.43
Apache ≫ HTTP Server Version2.0.44
Apache ≫ HTTP Server Version2.0.45
Apache ≫ HTTP Server Version2.0.46
Apache ≫ HTTP Server Version2.0.47
Apache ≫ HTTP Server Version2.0.48
Apache ≫ HTTP Server Version2.0.49
Apache ≫ HTTP Server Version2.0.50
Apache ≫ HTTP Server Version2.0.51
Apache ≫ HTTP Server Version2.0.52
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.84% | 0.96 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://secunia.com/advisories/19072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://www.vupen.com/english/advisories/2006/0789
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
http://www.apacheweek.com/features/security-20
http://www.ubuntu.com/usn/usn-177-1
http://issues.apache.org/bugzilla/show_bug.cgi?id=31505
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://marc.info/?l=bugtraq&m=109786159119069&w=2
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/bid/11360
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384