https://bugzilla.novell.com/show_bug.cgi?id=334440 Summary: VUL-0: php ftp extension arbitrary FTP commands issue (CVE-2007-2509) Product: openSUSE 10.3 Version: Final Platform: All OS/Version: openSUSE 10.3 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: crrodriguez@novell.com ReportedBy: crrodriguez@novell.com QAContact: qa@suse.de CC: security-team@suse.de, mmarek@novell.com Found By: Other A flaw was found in the PHP "ftp" extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.