Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-1743
HistoryApr 13, 2007 - 12:00 a.m.

CVE-2007-1743

2007-04-1300:00:00
ubuntu.com
ubuntu.com
9

0.0004 Low

EPSS

Percentile

5.2%

JSON

suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of
user and group IDs on the command line, which might allow local users to
leverage other vulnerabilities to create arbitrary UID/GID owned files if
/proc is mounted. NOTE: the researcher, who is reliable, claims that the
vendor disputes the issue because “the attacks described rely on an
insecure server configuration” in which the user “has write access to the
document root.” In addition, because this is dependent on other
vulnerabilities, perhaps this is resultant and should not be included in
CVE.

Notes

Author Note
kees negligible addition checks for suexec

Related

cvelist 1
cve 1
prion 1
redhatcve 1
debiancve 1
nessus 2
securityvulns 1
cvelist
cvelist
CVE-2007-1743
2007-04-13 17:00:00
cve
cve
CVE-2007-1743
2007-04-13 17:19:00
prion
prion
Design/Logic Flaw
2007-04-13 17:19:00
redhatcve
redhatcve
CVE-2007-1743
2015-10-30 10:09:56
debiancve
debiancve
CVE-2007-1743
2007-04-13 17:19:00
nessus
nessus
Apache mod_suexec Multiple Privilege Escalation Vulnerabilities
2011-11-18 00:00:00
Apache 2.2.x < 2.2.6 Multiple Vulnerabilities (DoS, XSS, Info Disc)
2007-09-14 00:00:00
securityvulns
securityvulns
Apache suexec multiple vulnerabilities
2007-04-12 00:00:00

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for UB:CVE-2007-1743
cvelist1cve1prion1redhatcve1debiancve1nessus2securityvulns1