RSS   Vulnerabilities for 'Php toolkit'   RSS

2008-04-18
 
CVE-2008-1734

CWE-20
 

 
Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.

 

 >>> Vendor: Gentoo 27 Products
Linux
Syslinux
Mirrorselect
Poppassd pam
Webmin
Rootkit hunter
Linux webapp-config
Linux eix
Qt-unixodbc
Nview
Xnview
App-crypt pinentry
Media-libs jpeg
FILE
Glibc
Nvclock
Mldonkey ebuild
Portage
Xdg-utils
Php toolkit
CMAN
Fence
Logrotate
Nullmailer
Libsndfile
Dev-python-flower
Sci-mathematics-gimps


Copyright 2019, cxsecurity.com

 

Back to Top