Description

The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.

Remediation

References

CVE-2011-0441

Related Vulnerabilities

Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1904)

WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)

WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-4048)

Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)

Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9690)

Severity

Medium

Classification

CVE-2011-0441 CWE-59

Tags

Missing Update Known Vulnerabilities