CVE-2008-0555

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
apache-sslapache-ssl
1.3.34_1.57:_1.57
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apache
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
feisty
ignored
edgy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/29644
http://securityreason.com/securityalert/3797
http://www.apache-ssl.org/advisory-cve-2008-0555.txt
http://www.cynops.de/advisories/CVE-2008-0555.txt
http://www.klink.name/security/aklink-sa-2008-005-apache-ssl.txt
http://www.securityfocus.com/archive/1/490386/100/0/threaded
http://www.securityfocus.com/bid/28576
http://www.securitytracker.com/id?1019784
http://www.vupen.com/english/advisories/2008/1079/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41618
http://secunia.com/advisories/29644
http://securityreason.com/securityalert/3797
http://www.apache-ssl.org/advisory-cve-2008-0555.txt
http://www.cynops.de/advisories/CVE-2008-0555.txt
http://www.klink.name/security/aklink-sa-2008-005-apache-ssl.txt
http://www.securityfocus.com/archive/1/490386/100/0/threaded
http://www.securityfocus.com/bid/28576
http://www.securitytracker.com/id?1019784
http://www.vupen.com/english/advisories/2008/1079/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41618