Updated: October 18, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Apache HTTP Server Project distributes a version of mod_ssl with Apache 2.0. According to Apache's changelog, this issue has been resolved in Apache 2.0.55.
Notified: September 07, 2005 Updated: September 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: December 06, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Consult APPLE-SA-2005-11-29 Security Update 2005-009 for vulnerability details and remediation instructions.
Updated: October 03, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Accourding to Avaya Security Advisory ASA-2005-004, the following Avaya products may be affected: Avaya S8710/S8700/S8500/S8300 Avaya Converged Communications Server (CCS) / SIP Enablement Services (SES) Avaya Message Networking Avaya Intuity LX Avaya Modular Messaging Message Storage Server (MSS) Avaya CVLAN Avaya Intergrated Management More specific vulnerability information is contained within the advisory.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 12, 2005
Affected
For Apache 2.0: The old stable distribution (woody) does not contain Apache2 packages. For the stable distribution (sarge) these problems have been fixed in version 2.0.54-5. For the unstable distribution (sid) these problems have been fixed in version 2.0.54-5. For Apache 1.3: For the old stable distribution (woody) this problem has been fixed in version 2.8.9-2.5. For the stable distribution (sarge) this problem has been fixed in version 2.8.22-1sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.8.24-1.
The vendor has not provided us with any further information regarding this vulnerability.
Debian Security Advisory DBA-805-1 contains additional details for the apache2 package. Debian Security Advisory DBA-807-1 contains vulnerability and remediation details for mod_ssl (package name libapache-mod-ssl).
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 08, 2005
Affected
BigIP v4 and v9 do not support client-side authentication to the Management user interface, so the vulnerability does not apply. FirePass is not vulnerable. TrafficShield uses Apache 2.0.53 and therefore is vulnerable. A hotfix will be forthcoming and included in the next security hotfix to be issued on TrafficShield 3.2.1.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 09, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Vulnerability and remediation information can be found in: For Fedora Core 3, Fedora Update Notification FEDORA-2005-848 For Fedora Core 4, Fedora Update Notification FEDORA-2005-849
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 23, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Gentoo Linux Security Advisory GLSA 200509-12 includes vulnerability and remediation information.
Notified: September 07, 2005 Updated: October 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
HP Security Bulletin HPSBUX01232 (SSRT051043) lists affected software and with remediation instructions.
Notified: September 07, 2005 Updated: September 23, 2005
Unknown
Hitachi Web Server is not vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 09, 2005
Not Affected
Juniper Networks products are not susceptible to this vulnerability
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 09, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Mandriva Security Advisory MDSKA-2005:161 contains remediation instructions.
Notified: September 07, 2005 Updated: October 03, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Conectiva Linux Advisory CLA-2005:1013 contains vulnerability and remediation instructions.
Notified: September 07, 2005 Updated: September 09, 2005
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 09, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Release 2.8.24-1.3.33 address this issue. It is available at: http://www.modssl.org/source/mod_ssl-2.8.24-1.3.33.tar.gz
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 12, 2005 Updated: September 12, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
OpenPKG has posted a security advisory with remediation instructions: http://www.openpkg.org/security/OpenPKG-SA-2005.017-modssl.html
Notified: September 07, 2005 Updated: September 08, 2005
Not Affected
Openwall GNU/*/Linux is not vulnerable. We currently do not provide mod_ssl.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: October 18, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.oracle.com/technology/deploy/security/critical-patch-updates/public_vuln_to_advisory_mapping.html.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: December 28, 2005
Affected
Updated Apache httpd packages (for Red Hat Enterprise Linux 3 and 4) and an updated mod_ssl package (for Red Hat Enterprise Linux 2.1) to correct this issue are available at the URL below and by using the Red Hat Network 'up2date' tool. http://rhn.redhat.com/errata/CAN-2005-2700.html.
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat Security Advisory RHSA-2005:608 contains vulnerability and remediation information for Apache 2. Red Hat Security Advisory RHSA-2005:773 contains vulnerability and remediation information for the mod_ssl package itself. For Stronghold, consult RHSA-2005:882.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 09, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Slackware Security Advisory SSA:2005-251-02 contains vulnerability and remediation information.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 16, 2005
Affected
Our customers can update their systems by using the YaST Online Update (YOU) tool or by installing the RPM file (apache2) directly after downloading it from http://www.novell.com/de-de/linux/download/updates/index.html
The vendor has not provided us with any further information regarding this vulnerability.
SUSE has released SUSE Security Advisory SUSE-SA:2005:052 with vulnerability and remediation instructions for this and some other recent Apache vulnerabilities.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 09, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Trustix Secure Linux Security Advisory #2005-0047 gives vulnerability and remediation instructions.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 08, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Ubuntu provides remediation instructions in Ubuntu Security Notice USN-177-1.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2005 Updated: September 07, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.