Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1307

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2003-1307
Last Modified 05 Sep 2008 04:36:35
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2003-1307

Summary

** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."

Vulnerable Systems

Application

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.34

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39

  • Apache Http Server 2.0.40

  • Apache Http Server 2.0.41

  • Apache Http Server 2.0.42

  • Apache Http Server 2.0.43

  • Apache Http Server 2.0.44

  • Apache Http Server 2.0.45

  • Apache Http Server 2.0.46

  • Apache Http Server 2.0.47

  • Apache Http Server 2.0.48

  • Apache Http Server 2.0.9


References

BID - 9302

BUGTRAQ - 20061020 Re: PHP "exec", "system", "popen" (+small POC)

BUGTRAQ - 20061019 PHP "exec", "system", "popen" problem

BUGTRAQ - 20031226 Hijacking Apache https by mod_php

MISC - http://hackerdom.ru/~dimmo/phpexpl.c

MISC - http://bugs.php.net/38915


Last Updated: 27 May 2016 10:38:18