VULHUB ™

PHP is the Personal Home Page package developed and maintained by the PHP Development Team. It is an open source, freely available, widely deployed package designed to enhance website content. A problem in the package could allow external users to view the source code of PHP scripts. This problem is due to a bug in the PHP code, combined with a system using Apache and PHP and hosting several virtual hosts. When the PHP software is installed and turned off via configuration parameter "engine = off", it is possible for this configuration to affect not only the intended virtual host, but all virtual hosts managed by the system. In the event of such a configuration, it is possible for a malicious user to attain the source of various PHP scripts, which could lead to intelligence gathering and attack. This problem affects the PHP 4.x series on Apache Webserver only, and does not affect the PHP 3.x series.

PHP is the Personal Home Page package developed and maintained by the PHP Development Team. It is an open source, freely available, widely deployed package designed to enhance website content. A problem in the package could allow external users to view the source code of PHP scripts. This problem is due to a bug in the PHP code, combined with a system using Apache and PHP and hosting several virtual hosts. When the PHP software is installed and turned off via configuration parameter "engine = off", it is possible for this configuration to affect not only the intended virtual host, but all virtual hosts managed by the system. In the event of such a configuration, it is possible for a malicious user to attain the source of various PHP scripts, which could lead to intelligence gathering and attack. This problem affects the PHP 4.x series on Apache Webserver only, and does not affect the PHP 3.x series.