3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
0.001 Low
EPSS
Percentile
26.7%
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local
users to write to arbitrary files via a symlink attack on a (1)
rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the
retrieveCacheFirst and useLocalCache functions.
Author | Note |
---|---|
jdstrand | Upstream states this is a known issue |
sbeattie | upstream claims fixed in 1.9.2, but still uses /tmp/pear/ according to debian bug report |
mdeslaur | 1.9.2+ only a DoS |
rodrigo-zaiden | No complete fix was provided as of 2022-03-08. |