angler-fishThe Vulnerability History Project

* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix buffer

      overflow in FakeBasicAuth code if client's subject DN exceeds 6K in
length (CVE CAN-2004-0488); switch to using apr-util base64 encoder
functions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103754 13f79535-47bb-0310-9956-ffa450edef68
by Nancy the Monkey 2004-05-25 12:09:01 UTC
commit 3efccf4239e0a576d7667c95d61c4a618af32916
HTTPD Fix CVE-2004-0488
modules/ssl/ssl_engine_kernel.c
+7 -8
expand_less