Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Packet Storm
Packet Stormadded 2013/08/08 12:0 a.m.226 views

Apache suEXEC Privilege Escalation / Information Disclosure

Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as...

0.4AI score
Exploits0
0day.today
0day.todayadded 2013/08/07 12:0 a.m.57 views

Apache suEXEC Privilege Elevation / Information Disclosure

Apache suEXEC suffers from privilege escalation and information disclosure vulnerabilities. Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2013/08/07 12:0 a.m.40 views

Apache suEXEC - Information Disclosure / Privilege Escalation

Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2013/08/07 12:0 a.m.22 views

Apache suEXEC - Information Disclosure Privilege Escalation

Apache suEXEC - Information Disclosure Privilege Escalation Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web...

0.4AI score
Exploits0
seebug.org
seebug.orgadded 2007/04/17 12:0 a.m.209 views

Apache HTTPD suEXEC本地特权提升漏洞

Apache HTTP server是一款流行的WEB服务程序。 Apache HTTP server包含的suexec应用程序存在设计问题,本地攻击者可以利用漏洞提升特权。 问题一是路径检查竞争条件漏洞 在获得当前目录和更改目录中存在竞争条件问题。另一个存在于更改目录和检查目录是否为链接也存在竞争条件问题。目录结构在这些操作中更换,会导致可以在攻击者选择的任意目录中执行lstat。通过使用符号链接或重命名父目录来利用。第三个竞争条件存在于最后符号链接检查和执行目标两进制程序中。 问题二是路径检查错误 suexec工具使用strncmp检查是否当前目录是DOCU...

7.1AI score
Exploits0
securityvulns
securityvulnsadded 2007/04/12 12:0 a.m.150 views

Apache suexec multiple vulnerabilities

RAce conditions on symbolic links handling, access to partially matched directories, privilege escalation because of absent GID/UID check...

6.2CVSS3.2AI score0.00172EPSS
Exploits0References1Affected Software1
securityvulns
securityvulnsadded 2005/01/10 12:0 a.m.20 views

[Full-Disclosure] Kernelpanik Labs Digest 2005-1

Hi and happy new year. This is a email digest with security fails recently published by Kernelpanik Labs http://www.kernelpanik.org Apache suEXEC Bypass -------------------- Small document about how bypass isolating procedures, i.e. suEXEC, in Apache WebServer. English document:...

7.7AI score
Exploits0
Rows per page
Query Builder