CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

Design/Logic Flaw

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

PHP Session.Save_Path() TMPDIR Open_Basedir限制绕过漏洞

PHP是一款广泛使用的WEB开发脚本语言。 PHP session.savepath存在openbasedir绕过问题，远程攻击者可能利用此漏洞结合其他漏洞进行进一步攻击，如包含文件。 当提供空会话保存路径时，文件会话存储模块通过TMPDIR环境变量指定回调的路径，不幸的是回调发生在openbasedir检查之后，可导致安全检查被绕过。进行其他进一步攻击。 PHP PHP 5.2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP P...

PHP 5.2 - Session.Save_Path() Safe_mode open_basedir Restriction Bypass

PHP 5.2 - Session.SavePath Safemode openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/21508/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in...