CVE-2008-1614

Name	CVE-2008-1614
Description	suPHP before 0.6.3 allows local users to gain privileges via (1) a race condition that involves multiple symlink changes to point a file owned by a different user, or (2) a symlink to the directory of a different user, which is used to determine privileges.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1550-1, DTSA-124-1
Debian Bugs	475431

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
suphp	source	etch	0.6.2-1+etch0		DSA-1550-1
suphp	source	lenny	0.6.2-2+lenny0		DTSA-124-1
suphp	source	(unstable)	0.6.2-2.1	low		475431