JVN/CVE Demo: Cveinfos

CVE

Id: 13906
CVE No.: CVE-2005-2700
Status: Candidate
Description: ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
Phase: Assigned (20050826)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
101697	13906	CVE-2005-2700	MLIST:[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33	View
101698	13906	CVE-2005-2700	URL:http://marc.info/?l=apache-modssl&m=112569517603897&w=2	View
101699	13906	CVE-2005-2700	CONFIRM:http://people.apache.org/~jorton/CAN-2005-2700.diff	View
101700	13906	CVE-2005-2700	CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195	View
101701	13906	CVE-2005-2700	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm	View
101702	13906	CVE-2005-2700	CONFIRM:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117	View
101703	13906	CVE-2005-2700	DEBIAN:DSA-805	View
101704	13906	CVE-2005-2700	URL:http://www.debian.org/security/2005/dsa-805	View
101705	13906	CVE-2005-2700	DEBIAN:DSA-807	View
101706	13906	CVE-2005-2700	URL:http://www.debian.org/security/2005/dsa-807	View
101707	13906	CVE-2005-2700	GENTOO:GLSA-200509-12	View
101708	13906	CVE-2005-2700	URL:http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml	View
101709	13906	CVE-2005-2700	HP:HPSBUX01232	View
101710	13906	CVE-2005-2700	URL:http://marc.info/?l=bugtraq&m=112870296926652&w=2	View
101711	13906	CVE-2005-2700	HP:SSRT051043	View
101712	13906	CVE-2005-2700	URL:http://marc.info/?l=bugtraq&m=112870296926652&w=2	View
101713	13906	CVE-2005-2700	MANDRIVA:MDKSA-2005:161	View
101714	13906	CVE-2005-2700	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2005:161	View
101715	13906	CVE-2005-2700	OPENPKG:OpenPKG-SA-2005.017	View
101716	13906	CVE-2005-2700	URL:http://marc.info/?l=bugtraq&m=112604765028607&w=2	View
101717	13906	CVE-2005-2700	REDHAT:RHSA-2005:608	View
101718	13906	CVE-2005-2700	URL:http://www.redhat.com/support/errata/RHSA-2005-608.html	View
101719	13906	CVE-2005-2700	REDHAT:RHSA-2005:773	View
101720	13906	CVE-2005-2700	URL:http://www.redhat.com/support/errata/RHSA-2005-773.html	View
101721	13906	CVE-2005-2700	REDHAT:RHSA-2005:816	View
101722	13906	CVE-2005-2700	URL:http://www.redhat.com/support/errata/RHSA-2005-816.html	View
101723	13906	CVE-2005-2700	SUNALERT:102197	View
101724	13906	CVE-2005-2700	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1	View
101725	13906	CVE-2005-2700	SUNALERT:102198	View
101726	13906	CVE-2005-2700	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1	View
101727	13906	CVE-2005-2700	SUSE:SUSE-SA:2005:051	View
101728	13906	CVE-2005-2700	URL:http://www.novell.com/linux/security/advisories/2005_51_apache2.html	View
101729	13906	CVE-2005-2700	SUSE:SUSE-SA:2005:052	View
101730	13906	CVE-2005-2700	URL:http://www.novell.com/linux/security/advisories/2005_52_apache2.html	View
101731	13906	CVE-2005-2700	SUSE:SuSE-SA:2006:051	View
101732	13906	CVE-2005-2700	URL:https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html	View
101733	13906	CVE-2005-2700	TRUSTIX:TSLSA-2005-0059	View
101734	13906	CVE-2005-2700	URL:http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html	View
101735	13906	CVE-2005-2700	UBUNTU:USN-177-1	View
101736	13906	CVE-2005-2700	URL:http://www.ubuntu.com/usn/usn-177-1	View
101737	13906	CVE-2005-2700	CERT-VN:VU#744929	View
101738	13906	CVE-2005-2700	URL:http://www.kb.cert.org/vuls/id/744929	View
101739	13906	CVE-2005-2700	BID:14721	View
101740	13906	CVE-2005-2700	URL:http://www.securityfocus.com/bid/14721	View
101741	13906	CVE-2005-2700	OVAL:oval:org.mitre.oval:def:10416	View
101742	13906	CVE-2005-2700	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10416	View
101743	13906	CVE-2005-2700	VUPEN:ADV-2005-1625	View
101744	13906	CVE-2005-2700	URL:http://www.vupen.com/english/advisories/2005/1625	View
101745	13906	CVE-2005-2700	VUPEN:ADV-2005-2659	View
101746	13906	CVE-2005-2700	URL:http://www.vupen.com/english/advisories/2005/2659	View
101747	13906	CVE-2005-2700	VUPEN:ADV-2006-0789	View
101748	13906	CVE-2005-2700	URL:http://www.vupen.com/english/advisories/2006/0789	View
101749	13906	CVE-2005-2700	VUPEN:ADV-2006-4207	View
101750	13906	CVE-2005-2700	URL:http://www.vupen.com/english/advisories/2006/4207	View
101751	13906	CVE-2005-2700	OSVDB:19188	View
101752	13906	CVE-2005-2700	URL:http://www.osvdb.org/19188	View
101753	13906	CVE-2005-2700	SECUNIA:16700	View
101754	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16700	View
101755	13906	CVE-2005-2700	SECUNIA:16705	View
101756	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16705	View
101757	13906	CVE-2005-2700	SECUNIA:16714	View
101758	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16714	View
101759	13906	CVE-2005-2700	SECUNIA:16743	View
101760	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16743	View
101761	13906	CVE-2005-2700	SECUNIA:16746	View
101762	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16746	View
101763	13906	CVE-2005-2700	SECUNIA:16748	View
101764	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16748	View
101765	13906	CVE-2005-2700	SECUNIA:16753	View
101766	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16753	View
101767	13906	CVE-2005-2700	SECUNIA:16754	View
101768	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16754	View
101769	13906	CVE-2005-2700	SECUNIA:16769	View
101770	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16769	View
101771	13906	CVE-2005-2700	SECUNIA:16771	View
101772	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16771	View
101773	13906	CVE-2005-2700	SECUNIA:16789	View
101774	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16789	View
101775	13906	CVE-2005-2700	SECUNIA:16864	View
101776	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16864	View
101777	13906	CVE-2005-2700	SECUNIA:16956	View
101778	13906	CVE-2005-2700	URL:http://secunia.com/advisories/16956	View
101779	13906	CVE-2005-2700	SECUNIA:17088	View
101780	13906	CVE-2005-2700	URL:http://secunia.com/advisories/17088	View
101781	13906	CVE-2005-2700	SECUNIA:17288	View
101782	13906	CVE-2005-2700	URL:http://secunia.com/advisories/17288	View
101783	13906	CVE-2005-2700	SECUNIA:17311	View
101784	13906	CVE-2005-2700	URL:http://secunia.com/advisories/17311	View
101785	13906	CVE-2005-2700	SECUNIA:17813	View
101786	13906	CVE-2005-2700	URL:http://secunia.com/advisories/17813	View
101787	13906	CVE-2005-2700	SECUNIA:19072	View
101788	13906	CVE-2005-2700	URL:http://secunia.com/advisories/19072	View
101789	13906	CVE-2005-2700	SECUNIA:19073	View
101790	13906	CVE-2005-2700	URL:http://secunia.com/advisories/19073	View
101791	13906	CVE-2005-2700	SECUNIA:21848	View
101792	13906	CVE-2005-2700	URL:http://secunia.com/advisories/21848	View
101793	13906	CVE-2005-2700	SECUNIA:22523	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
62327	JVNDB-2005-000529	Mozilla 製品における zero-width non-joiner 文字の Unicode 配列処理よりメモリ領域が破壊される脆弱性	Firefox 1.0.6 以前、Mozilla 1.7.11 以前には zero-width non-joiner 文字の Unicode 配列を処理する際にエラーが発生し、メモリスタック領域が破壊される脆弱性が存在します。	CVE-2005-2702	13906	7.5		http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000529.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.41 MB
View render complete	2.98 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.57
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	415.91
Event: Controller.beforeRender	5.83
» Processing toolbar data	5.73
Rendering View	27.19
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	26.18
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.56
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/13906
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/13906
Remote Port	43352
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.223
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.148.26
Http Via	1.1 squid-proxy-5b5d847c96-7f7gz (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.223
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.223
Unique Id	aOBJwgBiJxhHUr9h2l0eTwAAAXs
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.223
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.223
Redirect Unique Id	aOBJwgBiJxhHUr9h2l0eTwAAAXs
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.223
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.223
Redirect Redirect Unique Id	aOBJwgBiJxhHUr9h2l0eTwAAAXs
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759529410.2284
Request Time	1759529410

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files