Unrated severityNVD Advisory· Published Mar 6, 2013· Updated Jun 16, 2026
CVE-2013-1048
CVE-2013-1048
Description
The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
Affected products
4cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*range: <=2.2.22-12
- cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:*range: <=2.2.16-6
- cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*range: <=2.2.22-12
- (no CPE)range: <2.2.16-6+squeeze11, 2.2.22-13
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.