Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Apache
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-7098 1 Debian 1 Apache 2023-12-10 6.6 MEDIUM N/A
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.