Debian DSA-1550-1 : suphp - programming error

It was discovered that suphp, an Apache module to run PHP scripts with owner permissions handles symlinks insecurely, which may lead to privilege escalation by local users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Debian Security Advisory DSA 1550-1 (suphp)

The remote host is missing an update to suphp announced via advisory DSA 1550-1. OpenVAS Vulnerability Test $Id: deb15501.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1550-1 suphp Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1550-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1550-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 17, 2008 http://www.debian.org/security/faq -...

DSA-1550-1 suphp

Bulletin has no description...

FreeBSD : suphp -- multiple local privilege escalation vulnerabilities (fb672330-02db-11dd-bd06-0017319806e7)

Multiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate...

CVE-2008-1614

suPHP before 0.6.3 allows local users to gain privileges via 1 a race condition that involves multiple symlink changes to point a file owned by a different user, or 2 a symlink to the directory of a different user, which is used to determine privileges...

Race condition

suPHP before 0.6.3 allows local users to gain privileges via 1 a race condition that involves multiple symlink changes to point a file owned by a different user, or 2 a symlink to the directory of a different user, which is used to determine privileges...

CVE-2008-1614

suPHP before 0.6.3 allows local users to gain privileges via 1 a race condition that involves multiple symlink changes to point a file owned by a different user, or 2 a symlink to the directory of a different user, which is used to determine privileges...

CVE-2008-1614

suPHP before 0.6.3 allows local users to gain privileges via 1 a race condition that involves multiple symlink changes to point a file owned by a different user, or 2 a symlink to the directory of a different user, which is used to determine privileges...

CVE-2008-1614

CVE-2008-1614 affects the suphp Apache module. The vulnerability follows a local-privilege-escalation pattern via (1) a race condition involving multiple symlink changes to a file owned by another user, and (2) a symlink to the directory of a different user used to determine privileges. Affected ...

suphp -- multiple local privilege escalation vulnerabilities

Multiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate...