CVE Database

CVE-2004-0885

Impact: Moderate
Public: 2004-10-05
Bugzilla: 430637: CVE-2004-0885 mod_ssl SSLCipherSuite bypass

Details

The MITRE CVE dictionary describes this issue as:

The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.

Find out more about CVE-2004-0885 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 RHSA-2004:600 December 13, 2004
Red Hat Enterprise Linux version 3 (httpd) RHSA-2004:562 November 12, 2004
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 May 20, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 June 30, 2008
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 June 30, 2008
Red Hat Stronghold 4 RHSA-2004:653 December 20, 2004
Stronghold 4 for Red Hat Enterprise Linux RHSA-2005:816 November 02, 2005

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.