SecuritySpace - CVE-2008-1734

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2008-1734

Description: Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.

Test IDs: 1.3.6.1.4.1.25623.1.0.60819

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-1734
BugTraq ID: 28844
http://www.securityfocus.com/bid/28844
http://security.gentoo.org/glsa/glsa-200804-19.xml
http://bugs.gentoo.org/show_bug.cgi?id=209535
XForce ISS Database: phptoolkit-phpselect-dos(41928)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41928

CVE ID:	CVE-2008-1734
Description:	Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
Test IDs:	1.3.6.1.4.1.25623.1.0.60819
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1734 BugTraq ID: 28844 http://www.securityfocus.com/bid/28844 http://security.gentoo.org/glsa/glsa-200804-19.xml http://bugs.gentoo.org/show_bug.cgi?id=209535 XForce ISS Database: phptoolkit-phpselect-dos(41928) https://exchange.xforce.ibmcloud.com/vulnerabilities/41928