CVE-2005-2963

Publication date 13 October 2005

Last updated 17 July 2025

Ubuntu priority

Description

The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mod-auth-shadow	7.04 feisty	Fixed 1.4-2
	6.10 edgy	Fixed 1.4-2
	6.06 LTS dapper	Fixed 1.4-2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2963