CVE Vulnerabilities

CVE-2008-1614

Published: Apr 02, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:L/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

suPHP before 0.6.3 allows local users to gain privileges via (1) a race condition that involves multiple symlink changes to point a file owned by a different user, or (2) a symlink to the directory of a different user, which is used to determine privileges.

Affected Software

Name Vendor Start Version End Version
Suphp Sebastian_marsching * 0.6.2
Suphp Ubuntu dapper *
Suphp Ubuntu devel *
Suphp Ubuntu edgy *
Suphp Ubuntu feisty *
Suphp Ubuntu gutsy *
Suphp Ubuntu hardy *
Suphp Ubuntu intrepid *
Suphp Ubuntu jaunty *
Suphp Ubuntu karmic *
Suphp Ubuntu upstream *

References