CVE-2011-1072 - Improper Link Resolution Before File Access ('Link Following')

Severity

32%

Complexity

34%

Confidentiality

81%

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.

CVSS 2.0 Base Score 3.3. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P).

Overview

First reported 13 years ago

2011-03-03 01:00:00

Last updated 5 years ago

2020-01-23 14:33:00

Affected Software

PHP PEAR 0.9

0.9

PHP PEAR 0.10

0.10

PHP PEAR 0.11

0.11

PHP PEAR 0.90

0.90

PHP PEAR 1.0

1.0

PHP PEAR 1.0.1

1.0.1

PHP PEAR 1.1

1.1

PHP PEAR 1.2

1.2

PHP PEAR 1.2.1

1.2.1

PHP PEAR 1.3

1.3

PHP PEAR 1.3.1

1.3.1

PHP PEAR 1.3.3

1.3.3

PHP PEAR 1.3.3.1

1.3.3.1

PHP PEAR 1.3.4

1.3.4

PHP PEAR 1.3.5

1.3.5

PHP PEAR 1.3.6

1.3.6

PHP PEAR 1.4.0

1.4.0

PHP PEAR 1.4.0RC1

1.4.0

PHP PEAR 1.4.0RC2

1.4.0

PHP PEAR 1.4.1

1.4.1

PHP PEAR 1.4.2

1.4.2

PHP PEAR 1.5.1

1.5.1

PHP PEAR 1.6.1

1.6.1

PHP PEAR

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546164

http://news.php.net/php.pear.cvs/61264

Patch

[oss-security] 20110228 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110228 CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110228 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack

http://pear.php.net/advisory-20110228.txt

Vendor Advisory

http://pear.php.net/bugs/bug.php?id=18056

Exploit

43533

Vendor Advisory

http://security-tracker.debian.org/tracker/CVE-2011-1072

http://svn.php.net/viewvc?view=revision&revision=308687

Patch

MDVSA-2011:187

RHSA-2011:1741

46605

pear-pear-installer-symlink(65721)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.