Vulnerabilities > Debian > Apache > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-03 | CVE-2006-7098 | Permissions, Privileges, and Access Controls vulnerability in Debian Apache 1.3.34.4 The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl. | 6.6 |