Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv2

CVE-2011-0441

Published: 29/03/2011 Updated: 07/11/2023
CVSS v2 Base Score: 6.3 | Impact Score: 9.2 | Exploitability Score: 3.4
VMScore: 561
Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Subscribe to Php

Vulnerability Summary

The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.

Vulnerable Product Search on Vulmon Subscribe to Product

php php 5.3.5

Vendor Advisories

Debian Security Advisories: DSA-2195-1 php5 -- several vulnerabilities
Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system (CVE-2011-0441) When upgrading your php5-common package take special care to accept the changes to the /etc/crond/php5 file Ignoring them would leave the system vulnerable For the ...
Debian CVElist Bug Report Logs: pear download directory is inherited from the build
Debian Bug report logs - #546164 pear download directory is inherited from the build Package: php-pear; Maintainer for php-pear is Debian PHP PEAR Maintainers <pkg-php-pear@listsaliothdebianorg>; Source for php-pear is src:php-pear (PTS, buildd, popcon) Reported by: Federico Gimenez Nieto <fgimenez@coites> Date: ...
Debian CVElist Bug Report Logs: CVE-2011-0441: arbitrary files removal via cronjob
Debian Bug report logs - #618489 CVE-2011-0441: arbitrary files removal via cronjob Package: php5-common; Maintainer for php5-common is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5-common is src:php5 (PTS, buildd, popcon) Reported by: Stephane Chazelas <stephanechazelas@seebytecom> ...
Debian CVElist Bug Report Logs: php5 crypt() does not complete with emtpy salt
Debian Bug report logs - #581170 php5 crypt() does not complete with emtpy salt Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: "Raoul Bhatia [IPAX]" <rbhatia@ipaxat> Date: Tue, 11 May 2010 10:33:01 ...
Ubuntu Security Notice: php5 regressions
USN 1126-1 introduced two regressions in PHP ...
Ubuntu Security Notice: php5 vulnerabilities
Multiple vulnerabilities in PHP ...
Ubuntu Security Notice: php5 vulnerabilities
Multiple vulnerabilities in PHP ...
Ubuntu Security Notice: php5 regression
USN 1358-1 introduced a regression in PHP ...

References

CWE-59http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618489http://www.securityfocus.com/bid/46928http://www.mandriva.com/security/advisories?name=MDVSA-2011:069http://www.vupen.com/english/advisories/2011/0910https://exchange.xforce.ibmcloud.com/vulnerabilities/66180http://git.debian.org/?p=pkg-php/php.git%3Ba=commit%3Bh=d09fd04ed7bfcf7f008360c6a42025108925df09https://nvd.nist.govhttps://www.debian.org/security/./dsa-2195https://usn.ubuntu.com/1126-2/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook