Apache HTTP Server Other Vulnerability - CVE-2007-1743

suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher who is reliable claims that the vendor disputes the issue because quotthe attacks described rely on an insecure server configurationquot in which the user quothas write access to the document root.quot In addition because this is dependent on other vulnerabilities perhaps this is resultant and should not be included in CVE.