Local Privilege Escalation in Debian Apache2 Package
CVE-2013-1048

Currently unrated

Key Information:

Vendor: Debian
Status: Apache2
Vendor: CVE Published:; 6 March 2013

Summary

The Debian Apache2 package contains a flaw in the apache2ctl script that fails to properly create the /var/lock/apache2 lock directory. This vulnerability allows local users to exploit the system through an unspecified symlink attack, potentially compromising system integrity and granting unauthorized access.

References

http://security.debian.org/debian-security/pool/updates/m...

x_refsource_CONFIRM

http://www.debian.org/security/2013/dsa-2637

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 6, 2013