Description of problem:
http://pear.php.net/advisory-20070507.txt

"The PEAR installer is available from http://pear.php.net/package/PEAR. The PEAR installer is used to install PHP-based software packages distributed from pear.php.net and PHP extensions from pecl.php.net. Lack of validation of the install-as attribute in package.xml version 1.0 and of the <install> tag in package.xml version 2.0 allows attackers to install files in any location and possibly overwrite crucial system files if the PEAR Installer is running as a privileged user."

Installation of a PEAR package from an untrusted source could allow malicious code to be installed and potentially executed by the root user. This is true regardless of the existence of this particular bug in the PEAR installer, so the bug would not be treated as security-sensitive. As when handling system RPM packages, the root user must always ensure that any packages installed are from a trusted source and have been packaged correctly.
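
An added example, not part of the advisory or of the PEAR code: a pre-install check that reads a package.xml and flags install-as (version 1.0) and <install> (version 2.0) targets that are absolute or climb out of the install root. The element layout, the `as` attribute on <install>, and both sample manifests are assumptions constructed for illustration.

```python
import posixpath
import xml.etree.ElementTree as ET

def local(tag):
    """Strip an XML namespace prefix: '{ns}install' -> 'install'."""
    return tag.rsplit("}", 1)[-1]

def escapes_root(target):
    """True if an install target is absolute or resolves above the install root."""
    t = target.replace("\\", "/")
    if t.startswith("/") or (len(t) > 1 and t[1] == ":"):  # POSIX root or drive letter
        return True
    norm = posixpath.normpath(t)  # collapses 'a/../..' style sequences
    return norm == ".." or norm.startswith("../")

def audit_package_xml(xml_text):
    """Return (element, source name, target) for each target that escapes the root."""
    # ElementTree is used for brevity; manifests from untrusted archives
    # are better parsed with a hardened XML parser.
    findings = []
    for el in ET.fromstring(xml_text).iter():
        name = local(el.tag)
        if name == "file" and "install-as" in el.attrib:   # package.xml 1.0
            target = el.attrib["install-as"]
        elif name == "install" and "as" in el.attrib:      # package.xml 2.0
            target = el.attrib["as"]
        else:
            continue
        if escapes_root(target):
            findings.append((name, el.attrib.get("name", ""), target))
    return findings

# Constructed sample manifests (not taken from any real package).
SAMPLE_V1 = """<package version="1.0"><release><filelist>
  <file role="php" name="a.php" install-as="Foo/a.php"/>
  <file role="php" name="b.php" install-as="../../outside.php"/>
</filelist></release></package>"""

SAMPLE_V2 = """<package version="2.0" xmlns="http://pear.php.net/dtd/package-2.0">
<phprelease><filelist>
  <install name="a.php" as="Foo/a.php"/>
  <install name="c.php" as="/tmp/outside.php"/>
</filelist></phprelease></package>"""

if __name__ == "__main__":
    for label, doc in (("1.0", SAMPLE_V1), ("2.0", SAMPLE_V2)):
        for finding in audit_package_xml(doc):
            print(label, finding)
```

Running the check against an unpacked package.xml before invoking the installer as root gives a quick signal that the package was not packaged correctly.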