~wgrant/ubuntu-cve-tracker/mainold

« back to all changes in this revision

Viewing changes to active/CVE-2008-1614

• browse files at revision 1093
• compare with another revision
• download diff
• download tarball
• view history from revision 1093

Show diffs side-by-side

added

removed

active/CVE-2008-1614

 

1

Candidate: CVE-2008-1614

 

2

References:

 

3

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1614

 

4

 http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html

 

5

Description:

 

6

 suPHP before 0.6.3 allows local users to gain privileges via (1) a race

 

7

 condition that involves multiple symlink changes to point a file owned by a

 

8

 different user, or (2) a symlink to the directory of a different user,

 

9

 which is used to determine privileges.

 

10

Ubuntu-Description:

 

11

Notes:

 

12

Bugs:

 

13

Priority: medium

 

14

Discovered-by:

 

15

Assigned-to:

 

16

 

 

17

Patches_suphp:

 

18

upstream_suphp: released (0.6.3)

 

19

dapper_suphp: needed

 

20

edgy_suphp: needed

 

21

feisty_suphp: needed

 

22

gutsy_suphp: needed

 

23

devel_suphp: needed

• Older »

Loggerhead is a web-based interface for Breezy
Version: 2.0.1