Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1734


Vulnerability Score 3.6 3.6
CVE Id CVE-2008-1734
Last Modified 05 Sep 2008 12:00:00
Published 18 Apr 2008 11:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.

Vulnerable Systems


  • Gentoo Php Toolkit 1.0


XF - phptoolkit-phpselect-dos(41928)

BID - 28844

GENTOO - GLSA-200804-19


Last Updated: 27 May 2016 10:47:38