Secunia Advisory: SA16688
Release Date: 2005-09-05
Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software: Apache 2.0.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
CVE reference: CAN-2005-2491
Description:
A vulnerability has been reported in Apache, which can be exploited by malicious, local users to gain escalated privileges via a specially crafted ".htaccess" file.
For more information:
SA16502
The vulnerability has been reported in versions 2.0.35 through 2.0.37, 2.0.39 through 2.0.40, and 2.0.42 through 2.0.54.
Solution:
The vulnerability has been fixed in version 2.0.55-dev.
Other References:
SA16502:
http://secunia.com/advisories/16502/