Executive Summary

Informations
NameCVE-2012-0216First vendor Publication2012-04-22
VendorCveLast vendor Modification2012-08-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score4.4Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0216

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3

OpenVAS Exploits

DateDescription
2012-04-30Name : Debian Security Advisory DSA 2452-1 (apache2)
File : nvt/deb_2452_1.nasl

Nessus® Vulnerability Scanner

DateDescription
2012-04-16Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2452.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
DEBIANhttp://www.debian.org/security/2012/dsa-2452
XFhttp://xforce.iss.net/xforce/xfdb/75211

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:07:14
  • Multiple Updates
2013-05-10 22:31:59
  • Multiple Updates