CVE-2006-7098P4MEDIUMCVSS 6.6PoCv1.3.34.42007-03-03
CVE-2006-7098 [MEDIUM] CWE-264 CVE-2006-7098: The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly di
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
nvd