Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2202
HistoryJun 16, 2011 - 12:00 a.m.

CVE-2011-2202

2011-06-1600:00:00
ubuntu.com
ubuntu.com
16

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS

0.055

Percentile

93.2%

The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7
does not properly restrict filenames in multipart/form-data POST requests,
which allows remote attackers to conduct absolute path traversal attacks,
and possibly create or overwrite arbitrary files, via a crafted upload
request, related to a “file path injection vulnerability.”

Bugs

Notes

Author Note
mdeslaur PoC: http://pastebin.com/1edSuSVN
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchphp5< 5.2.4-2ubuntu5.18UNKNOWN
ubuntu10.04noarchphp5< 5.3.2-1ubuntu4.10UNKNOWN
ubuntu10.10noarchphp5< 5.3.3-1ubuntu9.6UNKNOWN
ubuntu11.04noarchphp5< 5.3.5-1ubuntu7.3UNKNOWN

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS

0.055

Percentile

93.2%