Computer Security
[EN] securityvulns.ru no-pyccku


PHP privilege escalation
Published:30.05.2014
Source:
SecurityVulns ID:13796
Type:local
Threat Level:
5/10
Description:Weak unix socket permissions.
Affected:PHP : PHP 5.5
CVE:CVE-2014-0185 (sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:087 ] php (30.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod