PHP 5.3 < 5.3.1 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.1. Such versions may be affected by several security issues : - Sanity checks are missing in exif processing. - It is possible to bypass the 'safemode' configuration setting using 'tempnam'. - It is...

PHP 5.2.11, 5.3.0 Restriction Bypass Vulnerability

PHP is prone to an SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100352...

PHP 5.2.11 / 5.3.0 symlink() open_basedir Bypass

This is exploit from Security Audit Lab - SecurityReason labs. Author : Maksymilian Arciemowicz Script for legal use only. PHP 5.2.11 5.3.0 symlink openbasedir bypass More: SecurityReason '; ifempty$file exit; if!iswritable"." die"not writable directory"; $level=0; for$as=0;$as$fakedep;$as++...

PHP 5.2.11/5.3.0 Multiple Vulnerability

Exploit for unknown platform in category remote exploits ========================================= PHP 5.2.11/5.3.0 Multiple Vulnerabilities ========================================= Title: PHP 5.2.11/5.3.0 Multiple Vulnerabilities CVE-ID: OSVDB-ID: Author: Maksymilian Arciemowicz Published:...

PHP 5.2.11/5.3.0 Multiple Vulnerabilities

No description provided by source. ?php / PHP 5.2.11/5.3.0 symlink openbasedir bypass by Maksymilian Arciemowicz http://securityreason.com/ cxib a.T securityreason d0t com CHUJWAMWMUZG / $fakedir="cx"; $fakedep=16; $num=0; // offset of symlink.$num if!empty$GET'file' $file=$GET'file'; else...

PHP 5.2.115.3.0 - Multiple Vulnerabilities

PHP 5.2.115.3.0 - Multiple Vulnerabilities This is exploit from Security Audit Lab - SecurityReason labs. Author : Maksymilian Arciemowicz Script for legal use only. PHP 5.2.11 5.3.0 symlink openbasedir bypass More: SecurityReason '; ifempty$file exit; if!iswritable"." die"not writable directory"...

PHP 5.2.11/5.3.0 - Multiple Vulnerabilities

This is exploit from Security Audit Lab - SecurityReason labs. Author : Maksymilian Arciemowicz Script for legal use only. PHP 5.2.11 5.3.0 symlink openbasedir bypass More: SecurityReason '; ifempty$file exit; if!iswritable"." die"not writable directory"; $level=0; for$as=0;$as$fakedep;$as++...

Php pdflib扩展绕过open_basedir安全限制漏洞

BUGTRAQ ID: 36951 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP所使用的PDFLib扩展没有正确的强制基础PHP配置指令，这允许攻击者绕过openbasedir限制在非授权位置写入文件。 仅在多个用户可以创建和执行任意PHP脚本代码的共享托管配置中才会出现这个漏洞。在这种情况下，openbasedir限制应彼此隔离用户。 PHP 5.3.0 厂商补丁： PHP --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net...

Php 5.3.0 pdflib extension open_basedir bypass

Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ?php // Author : Sina Yazdanmehr R3d.W0rm ; Our Site : http://IrCrash.com if!extensionloaded'pdf' die'pdf extension required .'; else $PATH = $GET'p'; /The...

PHP pdflib extension protection bypass

pdfopenfile function doesn't check file path to match openbasedir...

Php 5.3.0 pdflib extension open_basedir bypass

No description provided by source. Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ?php // Author : Sina Yazdanmehr R3d.W0rm ; Our Site : http://IrCrash.com if!extensionloaded'pdf' die'pdf extension requir...

PHP 5.3.0 open_basedir Bypass

Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- / if!isset$PATH,$VALUE die'/expl.php?p=pathuwantsavefile/filename&v=valueuwantsav einfile'; $IRCRASH = pdfnew; pdfopenfile$IRCRASH,$PATH;...

PHP 5.3.0 pdflib Arbitrary File Write

No description provided by source. Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ?php // Author : Sina Yazdanmehr R3d.W0rm ; Our Site : http://IrCrash.com if!extensionloaded'pdf' die'pdf extension requir...

PHP 5.3.0 - pdflib Arbitrary File Write

PHP 5.3.0 - pdflib Arbitrary File Write Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- / if!isset$PATH,$VALUE die'/expl.php?p=pathuwantsavefile/filename&v=valueuwantsav einfile'; $IRCRASH = pdfnew;...

PHP 5.3.0 - &#039;pdflib&#039; Arbitrary File Write

Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- / if!isset$PATH,$VALUE die'/expl.php?p=pathuwantsavefile/filename&v=valueuwantsav einfile'; $IRCRASH = pdfnew; pdfopenfile$IRCRASH,$PATH;...

Mandrake Security Advisory MDVSA-2009:285 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:285. OpenVAS Vulnerability Test $Id: mdksa2009285.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:285 php Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Mandrake Security Advisory MDVSA-2009:285 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:285. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

Mandriva Linux Security Advisory : php (MDVSA-2009:285)

Multiple vulnerabilities has been found and corrected in php : The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer...

CVE-2008-7002

PHP 5.2.5 does not enforce a openbasedir and b safemodeexecdir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the 1 exec, 2 system, 3 shellexec, 4 passthru, or 5 popen functions,...

Information disclosure

PHP 5.2.5 does not enforce a openbasedir and b safemodeexecdir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the 1 exec, 2 system, 3 shellexec, 4 passthru, or 5 popen functions,...