Description
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2761 Vulnerability (CVE-2020-2761)
Oracle JRE CVE-2018-2811 Vulnerability (CVE-2018-2811)
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933)
Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153)