8 matches found
EUVD-2007-0899
Malware in sbrugna...
CVE-2007-0905
PHP before 5.2.1 allows attackers to bypass safemode and openbasedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383...
Mandriva Update for php MDKSA-2007:038 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:038 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 2684)
This update fixes security problems also fixed in PHP 5.2.1, including following problems : - Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite...
Mandrake Linux Security Advisory : php (MDKSA-2007:038)
PHP 5.2.0 and 4.4 allows local users to bypass safemode and openbasedir restrictions via a malicious path and a null byte before a ';' in a sessionsavepath argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.savepath...
Design/Logic Flaw
PHP before 5.2.1 allows attackers to bypass safemode and openbasedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383...
CVE-2006-6383
CVE-2006-6383 affects PHP 5.2.0 and 4.4. It allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, causing PHP to validate the allowed path but set session.save_path to th...
PHP 5.2.0 session.save_path safe_mode and open_basedir bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.0 session.savepath safemode and openbasedir bypass Author: Maksymilian Arciemowicz SecurityReason Date: - - Written: 02.10.2006 - - Public: 08.12.2006 SecurityAlert Id: 43 CVE: CVE-2006-6383 SecurityRisk: High Affected Software: PHP 5.2.0...