Description
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
Remediation
References
Related Vulnerabilities
Joomla CVE-2006-4469 Vulnerability (CVE-2006-4469)
PHP Improper Input Validation Vulnerability (CVE-2015-3411)
WordPress Plugin Slimstat Analytics SQL Injection (4.9.3.3)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2047)
OpenSSL Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2023-5678)