php: symlink attack
| Package(s): | php | CVE #(s): | CVE-2011-0441 | ||||||||||||||||
| Created: | April 8, 2011 | Updated: | May 5, 2011 | ||||||||||||||||
| Description: | From the Mandriva advisory:
It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||