SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionMarc Stern reports an off-by-one vulnerability in within mod_ssl. The vulnerability lies in mod_ssl's Certificate Revocation List (CRL). If Apache is configured to use a CRL this could allow an attacker to crash a child process causing a Denial of Service.
SolutionUpdate the affected package.