Описание
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
Отчет
This issue was fixed in the following products:
- Red Hat Linux 5.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.1 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 7.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Secure Web Server 3.2 - RHSA-2000:095 (2000-10-26)
Ссылки на источники
Дополнительная информация
https://bugzilla.redhat.com/show_bug.cgi?id=1616531security flaw
Связанные уязвимости
nvd
больше 24 лет назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
github
около 3 лет назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.