GLSA-200804-19 : PHP Toolkit: Data disclosure and Denial of Service

Low Nessus Plugin ID 32012


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-200804-19 (PHP Toolkit: Data disclosure and Denial of Service)

Toni Arnold, David Sveningsson, Michal Bartoszkiewicz, and Joseph reported that php-select does not quote parameters passed to the 'tr' command, which could convert the '-D PHP5' argument in the 'APACHE2_OPTS' setting in the file /etc/conf.d/apache2 to lower case.
Impact :

An attacker could entice a system administrator to run 'emerge php' or call 'php-select -t apache2 php5' directly in a directory containing a lower case single-character named file, which would prevent Apache from loading mod_php and thereby disclose PHP source code and cause a Denial of Service.
Workaround :

Do not run 'emerge' or 'php-select' from a working directory which contains a lower case single-character named file.


All PHP Toolkit users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/php-toolkit-1.0.1'

See Also

Plugin Details

Severity: Low

ID: 32012

File Name: gentoo_GLSA-200804-19.nasl

Version: $Revision: 1.12 $

Type: local

Published: 2008/04/22

Modified: 2015/04/13

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:php-toolkit, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 2008/04/17

Reference Information

CVE: CVE-2008-1734

OSVDB: 44728

GLSA: 200804-19

CWE: 20