February 28, 2002

Trustix: Apache buffer overflow vulnerability

Author: JT Smith

Posted at LinuxSecurity.com: "The mod_ssl module in Apache utilizes OpenSSL for the SSL implementation.
The version in the old apache package made use of the underlying OpenSSL
routines in a manner which could overflow a buffer within the implementation.
This release (mod_ssl-2.8.7-1.3.23) fixes the problem."


  • Linux
Click Here!