CVE-2005-3319 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-3319
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3319

Description: The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22844 UBUNTU http://www.ubuntulinux.org/usn/usn-232-1/document_view SREASON http://securityreason.com/securityalert/525 SAID Secunia Advisory: SA18198 Secunia Advisory: SA19064 Secunia Advisory: SA17510 Secunia Advisory: SA17557 Secunia Advisory: SA22691 OSVDB 20491 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html CONFIRM http://docs.info.apple.com/article.html?artnum=303382 http://bugs.gentoo.org/show_bug.cgi?id=107602 CERT http://www.us-cert.gov/cas/techalerts/TA06-062A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=113019286208204&w=2 BID 16907 15177 APPLE http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html

Return to the previous page.