Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD73634294-0FA7-11E0-BECC-0022156E8794
HistoryDec 10, 2010 - 12:00 a.m.

php -- open_basedir bypass

2010-12-1000:00:00
vuxml.freebsd.org
20

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.5%

JSON

MITRE reports:

fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow
remote attackers to bypass open_basedir restrictions via
vectors related to the length of a filename.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphp5< 5.3.4UNKNOWN
FreeBSDanynoarchphp52< 5.2.15UNKNOWN

Related

nessus 19
openvas 38
prion 1
cve 1
ubuntu 2
ubuntucve 1
securityvulns 8
slackware 1
fedora 6
gentoo 1
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 regression (USN-1042-2)
2011-01-14 00:00:00
FreeBSD : php -- open_basedir bypass (73634294-0fa7-11e0-becc-0022156e8794)
2011-01-13 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2010:218)
2010-11-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1042-2)
2011-01-14 00:00:00
Ubuntu Update for php5 regression USN-1042-2
2011-01-14 00:00:00
FreeBSD Ports: php5
2011-01-24 00:00:00
prion
prion
Design/Logic Flaw
2010-11-09 01:00:00
cve
cve
CVE-2010-3436
2010-11-09 01:00:00
ubuntu
ubuntu
PHP5 regression
2011-01-13 00:00:00
PHP vulnerabilities
2011-01-11 00:00:00
ubuntucve
ubuntucve
CVE-2010-3436
2010-11-08 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:218 ] php
2010-11-02 00:00:00
PHP multiple security vulnerabilities
2010-11-24 00:00:00
[USN-1042-1] PHP vulnerabilities
2011-01-13 00:00:00
slackware
slackware
[slackware-security] php
2010-12-24 03:35:50
fedora
fedora
[SECURITY] Fedora 14 Update: php-5.3.4-1.fc14.1
2011-01-04 20:55:36
[SECURITY] Fedora 13 Update: php-5.3.4-1.fc13.1
2011-01-04 20:53:11
[SECURITY] Fedora 14 Update: php-eaccelerator-0.9.6.1-3.fc14
2011-01-04 20:55:36
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.5%

JSON
Related for 73634294-0FA7-11E0-BECC-0022156E8794
nessus19openvas38prion1cve1ubuntu2ubuntucve1securityvulns8slackware1fedora6gentoo1