256 matches found
CVE-2006-3011
The errorlog function in basicfunctions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and openbasedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode...
CVE-2006-3011
CVE-2006-3011 affects PHP up to 4.4.4 and 5.x up to 5.1.5, where error_log() can bypass safe_mode/open_basedir via a php:// scheme in the third argument. The SUSE Red Hat NVD entries confirm the safe_mode/open_basedir bypass in local contexts and identify error_log as the related vector. Ubuntu U...
CVE-2006-2825
cPanel does not automatically synchronize the PHP openbasedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass openbasedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
Design/Logic Flaw
cPanel does not automatically synchronize the PHP openbasedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass openbasedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
CVE-2006-2825
cPanel does not automatically synchronize the PHP openbasedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass openbasedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
CVE-2006-2825
cPanel does not automatically synchronize the PHP openbasedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass openbasedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
CVE-2006-2825
CVE-2006-2825 : cPanel does not automatically synchronize the PHP open_basedir configuration between the main server and virtual hosts that share physical directories. This may allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main-...
Directory traversal
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass openbasedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function...
CVE-2006-1494
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass openbasedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function...
CVE-2006-1494
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass openbasedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function...
PHP 4.x - tempnam() open_basedir Restriction Bypass
PHP 4.x - tempnam openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in...
[Full-disclosure] tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2
Source: http://securityreason.com/achievementsecurityalert/36 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 tempnam openbasedir bypass PHP 4.4.2 and 5.1.2 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 26.3.2006 - -Public: 8.4.2006 from SECURITYREASON.COM CVE-2006-1494 - ---...
PHP 4.x - 'tempnam() open_basedir' Restriction Bypass
source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. These vulnerabilities would be an...
PHP 4.x - 'copy() Safe_Mode' Bypass
source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. These vulnerabilities would be an...
CVE-2006-1017
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the 1 safemode or 2 openbasedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imapopen function, allow remote attackers to obtain access to ...
Design/Logic Flaw
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the 1 safemode or 2 openbasedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imapopen function, allow remote attackers to obtain access to ...
(PHP) imap functions bypass safemode and open_basedir restrictions
Vulnerability in c-client library tested with versions 2000,2001,2004, mailopen could be used to open stream to local files. For php and imap module imapopen allow to bypass safemode and openbasedir restrictions. Use imapbody or others to view a file and imaplist to recursively list a directory...
PHP 4.x5.05.1 with Sendmail Mail Function - additional_param Arbitrary File Creation
PHP 4.x5.05.1 with Sendmail Mail Function - additionalparam Arbitrary File Creation source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in...
PHP 4.x5.05.1 - mb_send_mail() Restriction Bypass
PHP 4.x5.05.1 - mbsendmail Restriction Bypass source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail'...
Ubuntu 4.10 / 5.04 / 5.10 : php4, php5 vulnerabilities (USN-232-1)
Eric Romang discovered a local Denial of Service vulnerability in the handling of the 'session.savepath' parameter in PHP's Apache 2.0 module. By setting this parameter to an invalid value in an .htaccess file, a local user could crash the Apache server. CVE-2005-3319 A Denial of Service flaw was...