Red Hat Bugzilla – Bug 175720
CVE-2005-3357 mod_ssl crash
Last modified: 2007-11-30 17:07:22 EST
This is a mod_ssl issue which only affects 2.x:
2.0.x patch attached. It's a remotely-triggered NULL pointer
dereference (so interesting only if you use a threaded MPM), affects
server configurations with an SSL vhost configured with access control
and a custom 400 errordocument; so this is rated "low".
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.