----- Forwarded message from Martin Schulze <joey@infodrom.org> -----
--------------------------------------------------------------------------
Debian Security Advisory DSA 168-1 security@debian.org
Debian -- Security Information Martin Schulze
September 18th, 2002 Debian -- Debian security FAQ
--------------------------------------------------------------------------Package : PHP3, PHP4
Vulnerability : bypassing safe_mode, CRLF injection
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2002-0985 CAN-2002-0986
BugTraq ID : 5681Wojciech Purczynski found out that it is possible for scripts to pass
arbitrary text to sendmail as commandline extension when sending a
mail through PHP even when safe_mode is turned on. Passing 5th
argument should be disabled if PHP is configured in safe_mode, which
is the case for newer PHP versions and for the versions below. This
does not affect PHP3, though.
../...
Pour ceussent qui se demandaient pourquoi rester en PHP3