CVE-2002-1233

Опубликовано: 04 нояб. 2002

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.17:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.18:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.19:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.20:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.22:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.23:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.24:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.25:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.26:*:win32:*:*:*:*:*

cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00111

Низкий

2.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-1233

debian

почти 23 года назад

A regression error in the Debian distributions of the apache-ssl packa ...

GHSA-h5gj-xw8w-hmjf

github

больше 3 лет назад