Vulnerability & Exploit Database

Displaying all 2 entries

Results for: CVE-2013-1048 Back to search

DSA-2637-1 apache2 -- several issues Vulnerability

  • Severity: 5
  • Published: February 26, 2013

The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.

USN-1765-1: Apache HTTP Server vulnerabilities Vulnerability

  • Severity: 5
  • Published: November 30, 2012

The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.