VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 4, 2002· Updated Jun 16, 2026

CVE-2002-1233

CVE-2002-1233

Description

A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20
  • Apache/HTTP Server19 versions
    cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.17:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.18:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.19:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.20:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.22:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.23:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.24:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.25:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.26:*:win32:*:*:*:*:*
    • cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
  • Apache SSL/Apache SSLllm-fuzzy
    Range: <=1.3.27 (Apache) / <1.3.9 (Debian 2.2) / <1.3.26 (Debian 3.0)

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.