PHP 4.x5.05.1 - mb_send_mail() Restriction Bypass

2006-02-28T00:00:00
ID EXPLOITPACK:59FCA6AABE180D51E08E9E8A6E2A0282
Type exploitpack
Reporter ced.clerget@free.fr
Modified 2006-02-28T00:00:00

Description

PHP 4.x5.05.1 - mb_send_mail() Restriction Bypass

                                        
                                            source: https://www.securityfocus.com/bid/16878/info
 
PHP is prone to multiple input-validation vulnerabilities that could allow 'safe_mode' and 'open_basedir' security settings to be bypassed. These issues reside in the 'mb_send_mail()' function, the 'mail()' function, and various PHP IMAP functions.

mb_send_mail($email_address, NULL, NULL, NULL, $additional_param);