EUVD-2006-5163

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Race condition in PHP symlink function allows bypassing open_basedir restriction through symlinks.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2006-5178	19 Dec 200900:00	–	circl
CVE	CVE-2006-5178	6 Oct 200600:00	–	cve
Cvelist	CVE-2006-5178	6 Oct 200600:00	–	cvelist
FreeBSD	php -- open_basedir Race Condition Vulnerability	2 Oct 200600:00	–	freebsd
Tenable Nessus	FreeBSD : php -- open_basedir Race Condition Vulnerability (edabe438-542f-11db-a5ae-00508d6a62df)	5 Oct 200600:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : php (MDKSA-2006:185)	18 Feb 200700:00	–	nessus
Tenable Nessus	PHP Symlink Function Race Condition open_basedir Bypass	18 Nov 201100:00	–	nessus
NVD	CVE-2006-5178	10 Oct 200604:06	–	nvd
OpenVAS	FreeBSD Ports: php4, php5	4 Sep 200800:00	–	openvas
OpenVAS	FreeBSD Ports: php4, php5	4 Sep 200800:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "8e45e3c8-0646-3155-ba8d-1eac93e2b0b5",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "8709e8f0-23ba-3a3b-8736-5c4a1afb729f",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
lists	www.lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html
securityfocus	www.securityfocus.com/archive/1/448953/100/0/threaded
securityfocus	www.securityfocus.com/archive/1/447649/100/0/threaded
turbolinux	www.turbolinux.com/security/2006/TLSA-2006-38.txt
securityfocus	www.securityfocus.com/bid/20326
securityreason	www.securityreason.com/securityalert/1692
neosecurityteam	www.neosecurityteam.net/index.php
secunia	www.secunia.com/advisories/22235
securityfocus	www.securityfocus.com/archive/1/448020/100/0/threaded
vupen	www.vupen.com/english/advisories/2006/3901

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.2

EPSS0.00264