PHP .htaccess Attribute Transfer Vulnerability
|
Bugtraq ID:
|
2206
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jan 16 2001 12:00AM
|
|
Updated:
|
Jan 16 2001 12:00AM
|
|
Credit:
|
This vulnerability was first announced by Zeev Suraski <zeev@zend.com> on January 12, 2001 via Bugtraq.
|
|
Vulnerable:
|
PHP PHP 4.0.4
+
Compaq Compaq Secure Web Server PHP 1.0
+
Conectiva Linux 6.0
+
Guardian Digital Engarde Secure Linux 1.0.1
+
S.u.S.E. Linux 7.2
+
S.u.S.E. Linux 7.1 x86
+
S.u.S.E. Linux 7.1 sparc
+
S.u.S.E. Linux 7.1 ppc
+
S.u.S.E. Linux 7.1 alpha
+
S.u.S.E. Linux 7.1
+
S.u.S.E. Linux 7.0 sparc
+
S.u.S.E. Linux 7.0 ppc
+
S.u.S.E. Linux 7.0 i386
+
S.u.S.E. Linux 7.0 alpha
+
S.u.S.E. Linux 7.0
PHP PHP 4.0.3
+
Debian Linux 2.2 sparc
+
Debian Linux 2.2 powerpc
+
Debian Linux 2.2 IA-32
+
Debian Linux 2.2 arm
+
Debian Linux 2.2 alpha
+
Debian Linux 2.2 68k
+
Debian Linux 2.2
+
Sun Cobalt Control Station 4100CS
+
Sun Cobalt Qube3 Japanese 4000WGJ
+
Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
+
Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
+
Sun Cobalt RaQ XTR 3500R
+
Sun Cobalt RaQ XTR Japanese 3500R-ja
PHP PHP 4.0.1
+
Sun Cobalt Qube3 4000WG
+
Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+
Sun Cobalt Qube3 w/Caching 4010WG
+
Sun Cobalt RaQ4 3001R
+
Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+
Sun Cobalt RaQ4 RAID 3100R
PHP PHP 4.0 0
Mandriva Linux Mandrake 7.2
|
|
|
|
Not Vulnerable:
|
|
|
