Lucene search

K
httpdApache Team FoundationHTTPD:6309ABD03BB1B29C82E941636515010E
HistoryOct 04, 2011 - 12:00 a.m.

Apache Httpd < 2.2.22 : mod_setenvif .htaccess privilege escalation

2011-10-0400:00:00
Apache Team Foundation
httpd.apache.org
31

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

26.5%

An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

26.5%