PublicDate: 2008-04-02 16:44:00 UTC
Candidate: CVE-2008-1614
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1614
 http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html
Description:
 suPHP before 0.6.3 allows local users to gain privileges via (1) a race
 condition that involves multiple symlink changes to point a file owned by a
 different user, or (2) a symlink to the directory of a different user,
 which is used to determine privileges.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_suphp:
upstream_suphp: released (0.6.3)
dapper_suphp: ignored (reached end-of-life)
edgy_suphp: needed (reached end-of-life)
feisty_suphp: needed (reached end-of-life)
gutsy_suphp: needed (reached end-of-life)
hardy_suphp: released (0.6.2-2ubuntu1)
intrepid_suphp: released (0.6.2-2ubuntu1)
jaunty_suphp: released (0.6.2-2ubuntu1)
karmic_suphp: released (0.6.2-2ubuntu1)
devel_suphp: released (0.6.2-2ubuntu1)