Computer Security


PHP safe_mode and open_basedir protection bypass
Published: 09.12.2006
Source:
SecurityVulns ID: 6905
Type: local
Threat Level: 6/10
Description: It's possible to access directories above basedir with session_save_path().
Affected: PHP : PHP 5.2
CVE: CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.)
 CVE-2006-6383 (PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.)
Original document: Maksymilian Arciemowicz, PHP 5.2.0 session.save_path safe_mode and open_basedir bypass (09.12.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod