Search for vulnerabilities
Vulnerability details: VCID-g44d-hskq-aaap
Vulnerability ID VCID-g44d-hskq-aaap
Aliases CVE-2005-1268
Summary Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-193 Off-by-one Error
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2005:582
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.03761 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.04266 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.05136 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.05136 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.05136 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.05136 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
epss 0.08743 https://api.first.org/data/v1/epss?cve=CVE-2005-1268
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617625
apache_httpd low https://httpd.apache.org/security/json/CVE-2005-1268.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2005-1268
Reference id Reference type URL
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://rhn.redhat.com/errata/RHSA-2005-582.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json
https://api.first.org/data/v1/epss?cve=CVE-2005-1268
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268
http://secunia.com/advisories/19072
http://secunia.com/advisories/19185
http://securityreason.com/securityalert/604
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.debian.org/security/2005/dsa-805
http://www.mandriva.com/security/advisories?name=MDKSA-2005:129
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.novell.com/linux/security/advisories/2005_46_apache.html
http://www.securityfocus.com/archive/1/428138/100/0/threaded
http://www.securityfocus.com/bid/14366
http://www.vupen.com/english/advisories/2006/0789
1617625 https://bugzilla.redhat.com/show_bug.cgi?id=1617625
320048 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
CVE-2005-1268 https://httpd.apache.org/security/json/CVE-2005-1268.json
CVE-2005-1268 https://nvd.nist.gov/vuln/detail/CVE-2005-1268
RHSA-2005:582 https://access.redhat.com/errata/RHSA-2005:582
USN-160-1 https://usn.ubuntu.com/160-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-1268
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.82137
EPSS Score 0.00803
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.