Apache mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
High Nessus Plugin ID 10888
SynopsisThe remote web server module has a buffer overflow vulnerability.
DescriptionAccording to the web server banner, the remote host is using a vulnerable version of mod_ssl. This version has a buffer overflow vulnerability. A remote attacker could exploit this issue to execute arbitrary code.
*** Some vendors patched older versions of mod_ssl, so this *** might be a false positive. Check with your vendor to determine *** if you have a version of mod_ssl that is patched for this *** vulnerability.
SolutionUpgrade to mod_ssl 2.8.7 or later.