Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-0883HistoryApr 18, 2012 - 10:33 a.m.
CVE-2012-0883
2012-04-1810:33:00
Debian Security Bug Tracker
security-tracker.debian.org
24
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.9%
envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apache2 | < 2.4.57-2 | apache2_2.4.57-2_all.deb |
| Debian | 11 | all | apache2 | < 2.4.56-1~deb11u2 | apache2_2.4.56-1~deb11u2_all.deb |
| Debian | 10 | all | apache2 | < 2.4.38-3+deb10u8 | apache2_2.4.38-3+deb10u8_all.deb |
| Debian | 999 | all | apache2 | < 2.4.59-1 | apache2_2.4.59-1_all.deb |
| Debian | 13 | all | apache2 | < 2.4.58-1 | apache2_2.4.58-1_all.deb |
Related
prion
prion
Directory traversal
2012-04-18 10:33:00
ubuntucve
ubuntucve
CVE-2012-0883
2012-04-18 00:00:00
seebug
seebug
Apache HTTP Server envvars本地权限提升漏洞
2012-09-18 00:00:00
Apache HTTP Server 'LD_LIBRARY_PATH'不安全库加载任意代码执行漏洞
2012-10-11 00:00:00
Apache HTTP Server 'LD_LIBRARY_PATH'不安全库装载任意代码执行漏洞
2012-04-20 00:00:00
cve
cve
CVE-2012-0883
2012-04-18 10:33:00
freebsd
freebsd
Apache -- Insecure LD_LIBRARY_PATH handling
2012-03-02 00:00:00
apache22 -- several vulnerabilities
2012-09-13 00:00:00
httpd
httpd
Apache Httpd < 2.4.2 : insecure LD_LIBRARY_PATH handling
2012-02-14 00:00:00
Apache Httpd < 2.2.23 : insecure LD_LIBRARY_PATH handling
2012-02-14 00:00:00
nessus
nessus
FreeBSD : Apache -- Insecure LD_LIBRARY_PATH handling (de2bc01f-dc44-11e1-9f4d-002354ed89bc)
2012-08-02 00:00:00
Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading
2012-04-19 00:00:00
Apache 2.2 < 2.2.23 Multiple Vulnerabilities
2012-09-17 00:00:00
openvas
openvas
FreeBSD Ports: apache
2012-08-10 00:00:00
Apache HTTP Server Privilege Escalation Vulnerability (Mar 2012) - Linux
2021-11-01 00:00:00
FreeBSD Ports: apache
2012-08-10 00:00:00
securityvulns
securityvulns
Apache security vulnerabilities
2012-10-01 00:00:00
[ MDVSA-2012:154 ] apache
2012-10-01 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: httpd-2.2.23-1.fc17
2013-02-12 04:59:23
f5
f5
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
redhat
redhat
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.9%
Related for DEBIANCVE:CVE-2012-0883