CVE 2012-0883
'envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.'
ClearCenter response
Short response
Not vulnerable.
Long response
The version of apache that ships with ClearOS is not vulnerable to this security issue.
Resolution
No action required.
Links
content/en_us/announcements_cve_cve-2012-0883.txt · Last modified: 2014/12/22 11:30 by dloper