Weak Cipher Suite Vulnerability in Apache 2 and mod_ssl

Weak Cipher Suite Vulnerability in Apache 2 and mod_ssl

CVE-2003-0192 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.

Learn more about our Web Application Penetration Testing UK.