Wind River Support Network

HomeDefectsLIN6-7418

Fixed

LIN6-7418 : Security Advisory - php - CVE-2014-0185

Created: May 15, 2014 Updated: Dec 3, 2018

Resolved Date: Jun 25, 2014

Found In Version: 6.0.0.10

Fix Version: 6.0.0.10

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0185

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38