July 26, 2001

Trustix advisory for PHPLib

Author: JT Smith

From the advisory, posted at Linux Weekly News: "By providing a value for the the array element $_PHPLIB[libdir], an
intruder can force a script to load and execute scripts from another
server.
This is because the value of $_PHPLIB[libdir] gets initalized *only*
if not already set."

Category:

  • Linux
Click Here!