Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0097

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0097
Last Modified 10 Sep 2008 08:05:49
Published 03 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0097

Summary

Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).

Vulnerable Systems

Application

  • Php 4.3


References

GENTOO - GLSA-200302-09

BUGTRAQ - 20030217 PHP Security Advisory: CGI vulnerability in PHP version 4.3.0

CONFIRM - http://www.slackware.com/changelog/current.php?cpu=i386

XF - php-cgi-sapi-access(11343)

BID - 6875

GENTOO - GLSA-200302-09.1


Last Updated: 27 May 2016 10:37:47