PHP mb_send_mail() Function Parameter Restriction Bypass

2006-02-28T06:47:36
ID OSVDB:23534
Type osvdb
Reporter (ced.clerget@free.fr)
Modified 2006-02-28T06:47:36

Description

Vulnerability Description

PHP contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when sendmail parameters are passed as arguments to the PHP mb_send_mail() function. This flaw may lead to a loss of confidentiality or integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

PHP contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when sendmail parameters are passed as arguments to the PHP mb_send_mail() function. This flaw may lead to a loss of confidentiality or integrity.

References:

Vendor Specific Advisory URL
Secunia Advisory ID: 19979
Secunia Advisory ID: 18694
Related OSVDB ID: 23535
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0538.html
FrSIRT Advisory: ADV-2006-0772
CVE-2006-1014
Bugtraq ID: 16878