Description
Kayran has detected a flaw in the mod_ssl handling of the “SSLVerifyClient” directive.
This flaw would occur if a virtual host has been configured using “SSLVerifyClient optional” and further a directive “SSLVerifyClient required” is set for a specific location.
Also known as CVE-2005-2700.
By using the “SSLVerifyClient optional” in the global virtual host configuration, does not properly enforce “SSLVerifyClient require” in a per-location context.
That will allow remote attackers to bypass restrictions and gain access to resources that should be protected (Information Disclosure).
It can be done since supplying a client certificate when connecting is not needed, therefore, the system’s integrity is compromised.
Severity/Score
CVSS Version 2.0- 10.0 High
Recommendation
To prevent CVE-2005-2700, update the version of the Apache httpd being used to 2.0.55 or higher.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2700
