Lucene search
Ubuntu.comUB:CVE-2013-1048HistoryMar 06, 2013 - 12:00 a.m.
CVE-2013-1048
2013-03-0600:00:00
ubuntu.com
ubuntu.com
76
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
The Debian apache2ctl script in the apache2 package squeeze before
2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for
the Apache HTTP Server on Debian GNU/Linux does not properly create the
/var/lock/apache2 lock directory, which allows local users to gain
privileges via an unspecified symlink attack.
Notes
| Author | Note |
|---|---|
| seth-arnold | not part of apache upstream; vulnerability shared with Debian |
Related
prion
prion
Code injection
2013-03-06 13:10:00
cve
cve
CVE-2013-1048
2013-03-06 13:10:00
debiancve
debiancve
CVE-2013-1048
2013-03-06 13:10:00
cvelist
cvelist
CVE-2013-1048
2022-10-03 16:14:49
openvas
openvas
Debian: Security Advisory (DSA-2637-1)
2013-03-03 00:00:00
Debian Security Advisory DSA 2637-1 (apache2 - several issues)
2013-03-04 00:00:00
Ubuntu Update for apache2 USN-1765-1
2013-03-19 00:00:00
debian
debian
[SECURITY] [DSA 2637-1] apache2 security update
2013-03-04 21:34:52
[SECURITY] [DSA 2637-1] apache2 security update
2013-03-04 21:34:32
nessus
nessus
Debian DSA-2637-1 : apache2 - several issues
2013-03-05 00:00:00
osv
osv
apache2 - several
2013-03-04 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2013-03-18 00:00:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for UB:CVE-2013-1048