Search for vulnerabilities
Vulnerability details: VCID-gx3t-qxpg-aaaa
Vulnerability ID VCID-gx3t-qxpg-aaaa
Aliases CVE-2013-1048
Summary The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
Status Published
Exploitability 0.5
Weighted Severity 4.1
Risk 2.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
epss 0.00057 https://api.first.org/data/v1/epss?cve=CVE-2013-1048
cvssv2 4.6 https://nvd.nist.gov/vuln/detail/CVE-2013-1048
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2013-1048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1048
http://security.debian.org/debian-security/pool/updates/main/a/apache2/apache2_2.2.16-6+squeeze11.diff.gz
http://www.debian.org/security/2013/dsa-2637
cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*
cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:*
cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*
CVE-2013-1048 https://nvd.nist.gov/vuln/detail/CVE-2013-1048
USN-1765-1 https://usn.ubuntu.com/1765-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-1048
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.