Apache mod_ssl unauthenticated access

2005-09-0700:00:00

SECUNIA

vulners.com

Client can access path with "SSLVerifyClient require" without authentication in global settings for vurtual host have "SSLVerifyClient optional".

CPENameOperatorVersion
apacheeq2.0
mod_ssleq2.8

CPE	Name	Operator	Version
	apache	eq	2.0
	mod_ssl	eq	2.8

References

vulners.com/securityvulns/securityvulns:doc:9652