Family: Slackware Local Security Checks --> Category: infos
SSA-2004-154-02 PHP local security issue Vulnerability Scan
Vulnerability Scan Summary
SSA-2004-154-02 PHP local security issue
Detailed Explanation for this Vulnerability Test
New PHP packages are available for Slackware 8.1, 9.0, 9.1, and -current
to fix a security issue. These fix a problem in previous Slackware php
packages where linking PHP against a static library in an insecure path
(under /tmp) could allow a local attacker to place shared libraries at
this location causing PHP to crash, or to execute arbitrary code as the
PHP user (which is by default, "nobody").
Thanks to Bryce Nichols for researching and reporting this issue.
Click HERE for more information and discussions on this network vulnerability scan.