CVE-2006-7098 in HTTP Server
摘要
由 VulDB • 2026-07-06
Debian GNU/Linux 033_-F_NO_SETSID patch for Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
VulDB is the best source for vulnerability data and more expert information about this specific topic.