{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-10-11T00:00:00", "descriptions": [{"lang": "en", "value": "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-06T10:09:25", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "11360", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11360"}, {"name": "RHSA-2004:562", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2004-562.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"}, {"name": "USN-177-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-177-1"}, {"name": "20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=109786159119069&w=2"}, {"name": "RHSA-2005:816", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"}, {"name": "oval:org.mitre.oval:def:10384", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384"}, {"name": "19072", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19072"}, {"name": "HPSBUX01123", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123"}, {"name": "apache-sslciphersuite-restriction-bypass(17671)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17671"}, {"name": "APPLE-SA-2005-08-15", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"}, {"name": "RHSA-2008:0261", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "RHSA-2004:600", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"}, {"name": "APPLE-SA-2005-08-17", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"}, {"name": "102198", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=31505"}, {"name": "ADV-2006-0789", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0789"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.apacheweek.com/features/security-20"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0885", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "11360", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11360"}, {"name": "RHSA-2004:562", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-562.html"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"}, {"name": "USN-177-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-177-1"}, {"name": "20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109786159119069&w=2"}, {"name": "RHSA-2005:816", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"}, {"name": "oval:org.mitre.oval:def:10384", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384"}, {"name": "19072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19072"}, {"name": "HPSBUX01123", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123"}, {"name": "apache-sslciphersuite-restriction-bypass(17671)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17671"}, {"name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"}, {"name": "RHSA-2008:0261", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "RHSA-2004:600", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"}, {"name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"}, {"name": "102198", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"}, {"name": "http://issues.apache.org/bugzilla/show_bug.cgi?id=31505", "refsource": "CONFIRM", "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=31505"}, {"name": "ADV-2006-0789", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0789"}, {"name": "http://www.apacheweek.com/features/security-20", "refsource": "CONFIRM", "url": "http://www.apacheweek.com/features/security-20"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:31:47.797Z"}, "title": "CVE Program Container", "references": [{"name": "11360", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11360"}, {"name": "RHSA-2004:562", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2004-562.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"}, {"name": "USN-177-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-177-1"}, {"name": "20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=109786159119069&w=2"}, {"name": "RHSA-2005:816", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"}, {"name": "oval:org.mitre.oval:def:10384", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384"}, {"name": "19072", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19072"}, {"name": "HPSBUX01123", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123"}, {"name": "apache-sslciphersuite-restriction-bypass(17671)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17671"}, {"name": "APPLE-SA-2005-08-15", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"}, {"name": "RHSA-2008:0261", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"name": "RHSA-2004:600", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"}, {"name": "APPLE-SA-2005-08-17", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"}, {"name": "102198", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=31505"}, {"name": "ADV-2006-0789", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0789"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.apacheweek.com/features/security-20"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0885", "datePublished": "2004-10-16T04:00:00", "dateReserved": "2004-09-22T00:00:00", "dateUpdated": "2024-08-08T00:31:47.797Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "B940BB85-03F5-46D7-8DC9-2E1E228D3D98", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "matchCriteriaId": "82139FFA-2779-4732-AFA5-4E6E19775899", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "B7F717E6-BACD-4C8A-A9C5-516ADA6FEE6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "08AB120B-2FEC-4EB3-9777-135D81E809AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "1C7FF669-12E0-4A73-BBA7-250D109148C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "matchCriteriaId": "5AB7B1F1-7202-445D-9F96-135DC0AFB1E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*", "matchCriteriaId": "BCB7EE53-187E-40A9-9865-0F3EDA2B5A4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "9D06AE8A-9BA8-4AA8-ACEA-326CD001E879", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "matchCriteriaId": "2FC1A04B-0466-48AD-89F3-1F2EF1DEBE6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "matchCriteriaId": "19F34D08-430E-4331-A27D-667149425176", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "matchCriteriaId": "248BDF2C-3E78-49D1-BD9C-60C09A441724", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "matchCriteriaId": "BB0FDE3D-1509-4375-8703-0D174D70B22E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "matchCriteriaId": "AFE732B5-00C9-4443-97E0-1DF21475C26B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "matchCriteriaId": "C79C41D3-6894-4F2D-B8F8-82AB4780A824", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "matchCriteriaId": "449A5647-CEA6-4314-9DB8-D086F388E1C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "matchCriteriaId": "B5A407B7-F432-48F0-916A-A49952F85CA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "matchCriteriaId": "6B5AC769-D07D-43C7-B252-A5A812E7D58C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "matchCriteriaId": "ADF4DBF6-DAF0-47E7-863B-C48DB7149A78", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration."}, {"lang": "es", "value": "El m\u00f3dulo mod_ssl en Apache 2.0.35 a 2.0.52, cuando se usa la \"SSLCipherSuite\" en contexto de directorio o lugar, permite a clientes remotos evitar las restricciones pretendidas usando cualquier conjunto de cifrado que sea permitido por la configuraci\u00f3n de servidor (host) virtual."}], "id": "CVE-2004-0885", "lastModified": "2023-11-07T01:56:49.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-11-03T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=31505"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=109786159119069&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/19072"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"}, {"source": "cve@mitre.org", "url": "http://www.apacheweek.com/features/security-20"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-562.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11360"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-177-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/0789"}, {"source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17671"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Fixed in Apache HTTP Server 2.0.53:\nhttp://httpd.apache.org/security/vulnerabilities_20.html", "lastModified": "2008-07-02T00:00:00", "organization": "Apache"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2004:562", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "httpd-0:2.0.46-44.ent", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2004-11-12T00:00:00Z"}, {"advisory": "RHSA-2004:600", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2004-12-13T00:00:00Z"}, {"advisory": "RHSA-2004:600", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux ES version 2.1", "release_date": "2004-12-13T00:00:00Z"}, {"advisory": "RHSA-2004:600", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux WS version 2.1", "release_date": "2004-12-13T00:00:00Z"}, {"advisory": "RHSA-2004:600", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Linux Advanced Workstation 2.1", "release_date": "2004-12-13T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el3", "package": "jabberd-0:2.0s10-3.37.rhn", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el3", "package": "rhn-apache-0:1.3.27-36.rhn.rhel3", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el3", "package": "rhn-modperl-0:1.29-16.rhel3", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el4", "package": "jabberd-0:2.0s10-3.38.rhn", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 4)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el4", "package": "rhn-apache-0:1.3.27-36.rhn.rhel4", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 4)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0523", "cpe": "cpe:/a:redhat:network_proxy:4.2::el4", "package": "rhn-modperl-0:1.29-16.rhel4", "product_name": "Red Hat Network Proxy v 4.2 (RHEL 4)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "jabberd-0:2.0s10-3.38.rhn", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "openmotif21-0:2.1.30-11.RHEL4.6", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "perl-Crypt-CBC-0:2.24-1.el4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-apache-0:1.3.27-36.rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modjk-0:1.2.23-2rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modperl-0:1.29-16.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel4", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el4", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 4.2", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "jabberd-0:2.0s10-3.37.rhn", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "openmotif21-0:2.1.30-9.RHEL3.8", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "perl-Crypt-CBC-0:2.24-1.el3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-apache-0:1.3.27-36.rhn.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modjk-0:1.2.23-2rhn.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modperl-0:1.29-16.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel3", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0524", "cpe": "cpe:/a:redhat:network_satellite:4.2::el3", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", "release_date": "2008-06-30T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "jabberd-0:2.0s10-3.38.rhn", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "jfreechart-0:0.9.20-3.rhn", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "openmotif21-0:2.1.30-11.RHEL4.6", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "perl-Crypt-CBC-0:2.24-1.el4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-apache-0:1.3.27-36.rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modjk-0:1.2.23-2rhn.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modperl-0:1.29-16.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "rhn-modssl-0:2.8.12-8.rhn.10.rhel4", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2008:0261", "cpe": "cpe:/a:redhat:network_satellite:5.0:el4", "package": "tomcat5-0:5.0.30-0jpp_10rh", "product_name": "Red Hat Network Satellite Server v 5.0", "release_date": "2008-05-20T00:00:00Z"}, {"advisory": "RHSA-2004:653", "cpe": "cpe:/a:redhat:stronghold:4", "product_name": "Red Hat Stronghold 4", "release_date": "2004-12-20T00:00:00Z"}, {"advisory": "RHSA-2005:816", "cpe": "cpe:/a:redhat:rhel_stronghold:4.0", "product_name": "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", "release_date": "2005-11-02T00:00:00Z"}], "bugzilla": {"description": "mod_ssl SSLCipherSuite bypass", "id": "430637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=430637"}, "csaw": false, "details": ["The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration."], "name": "CVE-2004-0885", "public_date": "2004-10-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2004-0885\nhttps://nvd.nist.gov/vuln/detail/CVE-2004-0885"], "threat_severity": "Moderate"}