Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 386167

Summary: dev-php/simpletest: information disclosure (CVE-2011-3801)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: php-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2011-10-07 23:12:46 UTC 
CVE-2011-3801 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3801):
  SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via
  a direct request to a .php file, which reveals the installation path in an
  error message, as demonstrated by test/visual_test.php and certain other
  files.
Comment 1 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-12 22:03:12 UTC 
1.1.0 in tree. No affected versions. Closing noglsa.