Headline
CVE-2005-2700
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using “SSLVerifyClient optional” in the global virtual host configuration, does not properly enforce “SSLVerifyClient require” in a per-location context, which allows remote attackers to bypass intended access restrictions.
Index: modules/ssl/ssl_engine_kernel.c =================================================================== — modules/ssl/ssl_engine_kernel.c (revision 264993) +++ modules/ssl/ssl_engine_kernel.c (working copy) @@ -406,8 +406,8 @@ (!(verify_old & SSL_VERIFY_PEER) && (verify & SSL_VERIFY_PEER)) || - (!(verify_old & SSL_VERIFY_PEER_STRICT) && - (verify & SSL_VERIFY_PEER_STRICT))) + (!(verify_old & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) && + (verify & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) { renegotiate = TRUE; /* optimization */