Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-286: PHP Path Translation Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-286: PHP Path Translation Vulnerability
# 1  
Old 05-09-2008
S-286: PHP Path Translation Vulnerability
PHP contains a path translation vulnerability that may allow an attacker to execute arbitrary code. The risk is MEDIUM. An attacker may be able to execute arbitrary code in the context of an application that uses the vulnerable function. The scope of the impact depends on how the affected application works. Applications that process filename input from the network, such as public-facing web applications, would be vulnerable to a remote attacker.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Emergency UNIX and Linux Support

Migration of website... PHP/Mysql -which path for DB.php

Hi, I have two websites: website1.com and website2.com I didn't write either but have successfully moved all the files from website1.com to website2.com I (thought) I installed all the correct php modules and website2 is mostly up and running. However, my boss found that when we go to a... (15 Replies)
Discussion started by: Astrocloud
15 Replies

2. Shell Programming and Scripting

Parsing 286 length Character string

Hi Friends, I have .txt file which has 13000 records. Each record is 278 character long. I am using below code to extract the string and it takes almost 10 minutes. Any suggestion please. cat filename.txt|while read line do f1=`echo $line|awk '{print substr($1,1,9)}'` f2=`echo... (6 Replies)
Discussion started by: ppat7046
6 Replies

3. UNIX for Dummies Questions & Answers

Unix for 286

Hey, I think I probably qualify as a pre-newbie, so take it slow with me. I'm putting together a 286 system for bits and pieces from my dad's basement and I'm wondering what flavour of unix I should look at putting on it. I'm not looking for a bells and whistles version, just an alternative... (4 Replies)
Discussion started by: Pinck
4 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

php-config

php-config(1)                                                   Scripting Language                                                   php-config(1)

NAME

       php-config - get information about PHP configuration and compile options

SYNOPSIS

       php-config [options]

DESCRIPTION

       php-config is a simple shell script for obtaining information about installed PHP configuration.

OPTIONS

       --prefix       Directory prefix where PHP is installed, e.g. /usr/local
       --includes     List of -I options with all include files
       --ldflags      LD Flags which PHP was compiled with
       --libs         Extra libraries which PHP was compiled with
       --man-dir      The directory prefix where the manpages is installed
       --extension-dir
                      Directory where extensions are searched by default
       --include-dir  Directory prefix where header files are installed by default
       --php-binary   Full path to php CLI or CGI binary
       --php-sapis    Show all SAPI modules installed on the Debian system
       --configure-options
                      Configure options to recreate configuration of current PHP installation
       --version      PHP version
       --vernum       PHP version as integer

SEE ALSO

       php(1)

VERSION INFORMATION

       This manpage describes php, version 7.0.33-6+ubuntu18.04.1+deb.sury.org+3.

COPYRIGHT

       Copyright (C) 1997-2017 The PHP Group

       This  source  file  is  subject to version 3.01 of the PHP license, that is bundled with this package in the file LICENSE, and is available
       through the world-wide-web at the following url:
       http://www.php.net/license/3_01.txt

       If you did not receive a copy of the PHP license and  are  unable  to  obtain  it  through  the  world-wide-web,  please  send  a  note  to
       license@php.net so we can mail you a copy immediately.

The PHP Group                                                          2017                                                          php-config(1)