Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Vulnerability - CVE-2012-0883 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Vulnerability - CVE-2012-0883

Medium
Reference: CVE-2012-0883
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-0883
Title: Apache HTTP Server Vulnerability
Overview:

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.