CVE-2003-1307 in PHPinfo

Summary

** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server s process group and use the server s file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server s TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

10/23/2006

Disclosure

12/31/2003

Status

Confirmed

Entries

CPE

ready

CWE

CWE-200

Exploit

Download

CVSS

3.5

EPSS

0.01240

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-1307
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-1307
CVE Details	https://www.cvedetails.com/cve/CVE-2003-1307/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!