CVE-2004-0885 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0885 Interim 1 4 2023-12-09T02:24:38Z current 2021-05-30T12:30:39Z 2023-12-09T02:24:38Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0885 The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QPUVV23W53DAOCPMS4AUPK4KE3CRURRK/#QPUVV23W53DAOCPMS4AUPK4KE3CRURRK E-Mail link for SUSE-SA:2004:040 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LXLAMCA333MF6BX2JYVPDPFA6KBVPJ63/#LXLAMCA333MF6BX2JYVPDPFA6KBVPJ63 E-Mail link for SUSE-SA:2004:041 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QKWBZAJPSEUG66DHL2A6BZAADTEPNOAG/#QKWBZAJPSEUG66DHL2A6BZAADTEPNOAG E-Mail link for SUSE-SR:2004:001 https://www.suse.com/support/security/rating/ SUSE Security Ratings The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. CVE-2004-0885 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P