PT-2003-2447 · Apache · Mod Throttle

Published

2003-12-31

Updated

2008-09-05

CVE-2003-1502

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions mod throttle version 3.0

Description The issue allows local users with Apache privileges to access shared memory that points to a file writable by the apache user, potentially enabling local users to gain privileges.

Recommendations For mod throttle version 3.0, consider restricting access to the shared memory or limiting the privileges of the apache user to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-1502

Affected Products

Mod Throttle

PT-2003-2447 · Apache · Mod Throttle

CVE-2003-1502

Related Identifiers

Affected Products

References · 3