Описание
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
Отчет
This issue was fixed in the following products:
- Red Hat Linux 5.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.1 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 7.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Secure Web Server 3.2 - RHSA-2000:095 (2000-10-26)
Дополнительная информация
https://bugzilla.redhat.com/show_bug.cgi?id=1616531security flaw
Связанные уязвимости
nvd
около 25 лет назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
github
почти 4 года назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.