PHP PHP_RSHUTDOWN_FUNCTION Security Bypass

According to its banner, the version of PHP 5.x installed on the remote host is 5.x prior to 5.3.11 or 5.4.x prior to 5.4.1 and thus, is potentially affected by a security bypass vulnerability. An error exists related to the function 'PHPRSHUTDOWNFUNCTION' in the libxml extension and the...

PHP libxml RSHUTDOWN安全限制绕过漏洞(CVE-2012-1171)

BUGTRAQ ID: 65673 CVECAN ID: CVE-2012-1171 PHP是一种HTML内嵌式的语言。 PHP 5.x版本内的libxml RSHUTDOWN函数可使远程攻击者在用自定义流封装器时调用streamclose方法，绕过openbasedir保护机制，读取敏感文件。 0 PHP PHP 5.5.x 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net/downloads.php...

CVE-2012-1171

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the openbasedir protection mechanism and read arbitrary files via vectors involving a streamclose method call during use of a custom stream wrapper...

CVE-2012-1171

CVE-2012-1171 affects PHP 5.x via the libxml RSHUTDOWN function, enabling a remote attacker to bypass open_basedir protections and read arbitrary files when a custom stream wrapper is in use. The issue is triggered by a stream_close call during wrapper usage, which bypasses the intended directory...