Apache mod_ssl Buffer Overflow Vulnerability (CAN-2004-0488) Advisory and Patch Guide

Critical Vulnerability Information Vulnerability Overview Vulnerability Type: Buffer Overflow Affected Component: Apache mod_ssl Affected Scope Affected Software Versions - - Unaffected Software Versions - - or Vulnerability Details Description: A bug exists in the function in . When Apache is configured to use and trusts client certificates with Subject DNs longer than 6K, this may lead to a remote buffer overflow. Impact: An attacker could exploit this vulnerability to cause a denial of service or execute code under the user account running Apache (typically "apache"). Code execution on x86 platforms is considered impossible, but the possibility on other platforms is unknown. However, denial of service attacks on x86 systems are not ruled out. Solution Upgrade Instructions: - Apache 1.x Users: Upgrade to the latest version . - Apache 2.x Users: Upgrade to the latest version . Additional Information Risk Level: High Release Date: June 9, 2004 Last Revision: December 30, 2007 Related Vulnerability ID: CAN-2004-0488

Goal Reached Thanks to every supporter — we hit 100%!

Apache mod_ssl Buffer Overflow Vulnerability (CAN-2004-0488) Advisory and Patch Guide