3 matches found
error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 errorlog Safe Mode Bypass PHP 5.1.4 and 4.4.2 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 10.6.2006 - -Public: 26.06.2006 from SECURITYREASON.COM CVE-2006-3011 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of i...
CVE-2006-3011
The errorlog function in basicfunctions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and openbasedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode...
CVE-2006-3011
CVE-2006-3011 affects PHP up to 4.4.4 and 5.x up to 5.1.5, where error_log() can bypass safe_mode/open_basedir via a php:// scheme in the third argument. The SUSE Red Hat NVD entries confirm the safe_mode/open_basedir bypass in local contexts and identify error_log as the related vector. Ubuntu U...