F5 Networks, Inc. Information for VU#744929
mod_ssl fails to properly enforce client certificates authentication
- Vendor Information Help Date Notified: 07 Sep 2005
- Statement Date:
- Date Updated: 08 Sep 2005
BigIP v4 and v9 do not support client-side authentication to the Management user interface, so the vulnerability does not apply.
FirePass is not vulnerable.
TrafficShield uses Apache 2.0.53 and therefore is vulnerable. A hotfix will be forthcoming and included in the next security hotfix to be issued on TrafficShield 3.2.1.
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.