Mod Auth Shadow : Security Vulnerabilities, CVEs,

CVE-2005-2963

The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
Max CVSS
7.5
EPSS Score
1.30%
Published
2005-10-13
Updated
2017-07-11

CVE-2004-0041

The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions.
Max CVSS
7.5
EPSS Score
0.41%
Published
2004-02-03
Updated
2008-09-05
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close