Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-2665
HistoryJun 20, 2008 - 12:00 a.m.

CVE-2008-2665

2008-06-2000:00:00
ubuntu.com
ubuntu.com
3

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

74.9%

JSON

Directory traversal vulnerability in the posix_access function in PHP 5.2.6
and earlier allows remote attackers to bypass safe_mode restrictions via a
โ€ฆ (dot dot) in an http URL, which results in the URL being canonicalized
to a local filename after the safe_mode check has successfully run.

Notes

Author Note
kees safe mode not supported

Related

seebug 3
prion 1
securityvulns 3
cve 1
freebsd 1
openvas 14
nessus 6
slackware 1
gentoo 1
seebug
seebug
PHP 5 posix_access()ๅ‡ฝๆ•ฐ็ป•่ฟ‡safe_mode้™ๅˆถๆผๆดž
2008-06-20 00:00:00
PHP 5 'posix_access()'ๅ‡ฝๆ•ฐ'safe_mode'็ป•่ฟ‡็›ฎๅฝ•้ๅŽ†ๆผๆดž
2008-06-23 00:00:00
PHP 5 'posix_access()'ๅŠŸๅฎ‰ๅ…จๆจกๅผ็ป•่ฟ‡็›ฎๅฝ•้ๅŽ†ๆผๆดž
2008-12-10 00:00:00
prion
prion
Directory traversal
2008-06-20 01:41:00
securityvulns
securityvulns
[Full-disclosure] PHP 5.2.6 posix_access() (posix ext) safe_mode bypass
2008-06-23 00:00:00
PHP safe_mode protection bypass
2008-06-23 00:00:00
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00
cve
cve
CVE-2008-2665
2008-06-20 01:41:00
freebsd
freebsd
php -- input validation error in safe_mode
2008-06-17 00:00:00
openvas
openvas
FreeBSD Ports: php5-posix
2008-09-04 00:00:00
FreeBSD Ports: php5-posix
2008-09-04 00:00:00
Slackware: Security Advisory (SSA:2008-339-01)
2012-09-10 00:00:00
nessus
nessus
FreeBSD : php -- input validation error in safe_mode (ee6fa2bd-406a-11dd-936a-0015af872849)
2008-09-05 00:00:00
Slackware 12.0 / 12.1 / current : php (SSA:2008-339-01)
2008-12-05 00:00:00
PHP 5.x < 5.2.7 Multiple Vulnerabilities
2014-11-17 00:00:00
slackware
slackware
[slackware-security] php
2008-12-05 07:37:41
gentoo
gentoo
PHP: Multiple vulnerabilities
2008-11-16 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

74.9%

JSON
Related for UB:CVE-2008-2665
seebug3prion1securityvulns3cve1freebsd1openvas14nessus6slackware1gentoo1