Veracode Vulnerability Database: VERACODE:10753
History: Jan 15, 2019 - 8:51 a.m. (2019-01-15 08:51:41)

Authorization Bypass

Source: Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Tags: php, authorization bypass, null character, remote attacker, file access restrictions, vulnerability

EPSS: 0.008
Percentile: 82.0%

PHP is vulnerable to authorization bypass. File names containing NUL characters (\0) are not handled properly, which allows a remote attacker to create a PHP script that accesses arbitrary files and bypasses file system access restrictions. The issue is demonstrated by placing a NUL character followed by a safe extension, such as .php\0.jpg, at the end of the argument to the file_exists function: access controls treat the name as a .jpg image file, while the file is actually processed as a .php file.
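The gap described above is between what an extension-based access check sees and what PHP later does with the same string. The following PHP is an added example written for this page, not code from Veracode, Vulners or the PHP project: it rejects NUL bytes before any filesystem call and derives the extension from the whole name, so a ".php\0.jpg" suffix can never pass as an image. The function names, the $baseDir upload directory and the sample inputs are assumptions made up for the example.

```php
<?php
// Added example (not part of the vulnerability record): guard an
// extension-based access control against NUL-byte truncation.

/**
 * Returns true only if $name contains no NUL byte, no path separators or
 * ".." segments, and ends in one of $allowedExtensions (case-insensitive).
 * The extension is read from the full string, so nothing hidden behind a
 * NUL byte can differ from what the check evaluated.
 */
function isAllowedFilename(string $name, array $allowedExtensions): bool
{
    // strpos() is binary-safe, so an embedded "\0" is found reliably.
    if (strpos($name, "\0") !== false) {
        return false;
    }
    // Only bare file names are accepted: no separators, no traversal.
    if ($name === '' || strpbrk($name, "/\\") !== false || strpos($name, '..') !== false) {
        return false;
    }
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    $allowed = array_map('strtolower', $allowedExtensions);
    return $ext !== '' && in_array($ext, $allowed, true);
}

/**
 * Wrapper around file_exists() that refuses a name before it reaches the
 * filesystem layer unless it passed isAllowedFilename(). $baseDir is an
 * assumed upload directory for this example.
 */
function safeImageExists(string $baseDir, string $name): bool
{
    if (!isAllowedFilename($name, ['jpg', 'jpeg', 'png', 'gif'])) {
        return false;
    }
    return file_exists($baseDir . DIRECTORY_SEPARATOR . $name);
}

// Constructed inputs; the fourth is the pattern named in the advisory.
$cases = [
    "photo.jpg"         => true,
    "photo.PNG"         => true,
    "shell.php"         => false,
    "shell.php\0.jpg"   => false,
    "../etc/passwd.jpg" => false,
];
foreach ($cases as $name => $expected) {
    $got = isAllowedFilename($name, ['jpg', 'jpeg', 'png', 'gif']);
    printf("%-22s allowed=%s expected=%s\n",
        addcslashes($name, "\0..\37"),
        var_export($got, true),
        var_export($expected, true));
}
```

The design point is that the check and the later filesystem call must agree on the bytes they are judging: rejecting NUL up front, and never deriving the "safe" extension from a prefix that a lower layer might truncate, removes the mismatch the advisory relies on. Newer PHP releases refuse NUL-containing paths in the core filesystem functions themselves, but application-level access controls still need their own guard, because they run before PHP ever sees the path.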

Affected configurations

Vulners node (match on any of the following):

Vendor  Product  Version
php     php      5.3.3_3.el6_2.5
php     php      5.3.3_23.el6_4
php     php      5.1.6_39.el5_8
php     php      5.3.3_3.el6
php     php      5.1.6_15.el5
php     php      5.3.3_14.el6_3
php     php      5.3.3_22.el6
php     php      5.3.3_3.el6_2.8
php     php      5.1.6_23.2.el5_3
php     php      5.1.6_27.el5_5.3
php     php      5.3.2_6.el6
php     php      5.1.6_11.el5
php     php      5.1.6_40.el5_9
php     php      5.1.6_27.el5
php     php      5.1.6_34.el5_8
php     php      5.1.6_12.el5
php     php      5.1.6_27.el5_7.5
php     php      5.3.3_3.el6_1.3
php     php      5.1.6_20.el5
php     php      5.1.6_32.el5
php     php      5.1.6_43.el5_10
php     php      5.3.2_6.el6_0.1
php     php      5.1.6_23.el5
php     php      5.1.6_7.el5
php     php      5.1.6_27.el5_7.4
php     php      5.1.6_20.el5_2.1
php     php      5.1.6_5.el5
php     php      5.1.6_24.el5_4.5
php     php      5.3.3_3.el6_2.6
-       php53    5.3.3_1.el5_7.5
-       php53    5.3.3_1.el5_6.1
-       php53    5.3.3_13.el5_8
-       php53    5.3.3_13.el5_9.1
-       php53    5.3.3_1.el5_7.6
-       php53    5.3.3_1.el5_7.3
-       php53    5.3.3_5.el5
-       php53    5.3.3_7.el5_8
-       php53    5.3.3_1.el5
Vendor  Product  Version            CPE
php     php      5.3.3_3.el6_2.5    cpe:2.3:a:php:php:5.3.3_3.el6_2.5:*:*:*:*:*:*:*
php     php      5.3.3_23.el6_4     cpe:2.3:a:php:php:5.3.3_23.el6_4:*:*:*:*:*:*:*
php     php      5.1.6_39.el5_8     cpe:2.3:a:php:php:5.1.6_39.el5_8:*:*:*:*:*:*:*
php     php      5.3.3_3.el6        cpe:2.3:a:php:php:5.3.3_3.el6:*:*:*:*:*:*:*
php     php      5.1.6_15.el5       cpe:2.3:a:php:php:5.1.6_15.el5:*:*:*:*:*:*:*
php     php      5.3.3_14.el6_3     cpe:2.3:a:php:php:5.3.3_14.el6_3:*:*:*:*:*:*:*
php     php      5.3.3_22.el6       cpe:2.3:a:php:php:5.3.3_22.el6:*:*:*:*:*:*:*
php     php      5.3.3_3.el6_2.8    cpe:2.3:a:php:php:5.3.3_3.el6_2.8:*:*:*:*:*:*:*
php     php      5.1.6_23.2.el5_3   cpe:2.3:a:php:php:5.1.6_23.2.el5_3:*:*:*:*:*:*:*
php     php      5.1.6_27.el5_5.3   cpe:2.3:a:php:php:5.1.6_27.el5_5.3:*:*:*:*:*:*:*
(showing rows 1-10 of 381)
