Описание
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
Отчет
This issue was fixed in the following products:
- Red Hat Linux 5.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.1 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 6.2 - RHSA-2000:088 (2000-10-23)
- Red Hat Linux 7.0 - RHSA-2000:088 (2000-10-23)
- Red Hat Secure Web Server 3.2 - RHSA-2000:095 (2000-10-26)
Дополнительная информация
https://bugzilla.redhat.com/show_bug.cgi?id=1616531security flaw
EPSS
Процентиль: 96%
0.26914
Средний
Связанные уязвимости
nvd
больше 24 лет назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
github
больше 3 лет назад
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
EPSS
Процентиль: 96%
0.26914
Средний