CVE-2006-1494 : Détail

CVE-2006-1494

2.95%V3
Network
2006-04-10
17h00 +00:00
2018-10-18
12h57 +00:00
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Gestion des notifications

Descriptions du CVE

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

Informations du CVE

Métriques

Métriques Score Gravité CVSS Vecteur Source
V2 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N [email protected]

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.

Informations sur l'Exploit

Exploit Database EDB-ID : 27595

Date de publication : 2006-04-09 22h00 +00:00
Auteur : Maksymilian Arciemowicz
EDB Vérifié : Yes

source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safe_mode' and 'open_basedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. These vulnerabilities would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, when the 'safe_mode' and 'open_basedir' restrictions are expected to isolate the users from each other. These issues are reported to affect PHP versions 4.4.2 and 5.1.2; other versions may also be vulnerable. tempnam("path_from_open_basedir", "../../../../../../../../Open_basedir_bypasswd");

Products Mentioned

Configuraton 0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0

Php>>Php >> Version 4.0.0

Php>>Php >> Version 4.0.1

Php>>Php >> Version 4.0.1

Php>>Php >> Version 4.0.1

Php>>Php >> Version 4.0.2

Php>>Php >> Version 4.0.3

Php>>Php >> Version 4.0.3

Php>>Php >> Version 4.0.4

Php>>Php >> Version 4.0.4

    Php>>Php >> Version 4.0.5

    Php>>Php >> Version 4.0.6

    Php>>Php >> Version 4.0.7

    Php>>Php >> Version 4.0.7

    Php>>Php >> Version 4.0.7

    Php>>Php >> Version 4.0.7

    Php>>Php >> Version 4.1.0

    Php>>Php >> Version 4.1.1

    Php>>Php >> Version 4.1.2

    Php>>Php >> Version 4.2

      Php>>Php >> Version 4.2.0

      Php>>Php >> Version 4.2.1

      Php>>Php >> Version 4.2.2

      Php>>Php >> Version 4.2.3

      Php>>Php >> Version 4.3.0

      Php>>Php >> Version 4.3.1

      Php>>Php >> Version 4.3.2

      Php>>Php >> Version 4.3.3

      Php>>Php >> Version 4.3.4

      Php>>Php >> Version 4.3.5

      Php>>Php >> Version 4.3.6

      Php>>Php >> Version 4.3.7

      Php>>Php >> Version 4.3.8

      Php>>Php >> Version 4.3.9

      Php>>Php >> Version 4.3.10

      Php>>Php >> Version 4.3.11

      Php>>Php >> Version 4.4.0

      Php>>Php >> Version 4.4.1

      Php>>Php >> Version 4.4.2

      Php>>Php >> Version 5.0

        Php>>Php >> Version 5.0

          Php>>Php >> Version 5.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.0

            Php>>Php >> Version 5.0.1

            Php>>Php >> Version 5.0.2

            Php>>Php >> Version 5.0.3

            Php>>Php >> Version 5.0.4

            Php>>Php >> Version 5.0.5

            Php>>Php >> Version 5.1.0

            Php>>Php >> Version 5.1.1

            Php>>Php >> Version 5.1.2

            Références

            http://secunia.com/advisories/21723
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://secunia.com/advisories/19775
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://secunia.com/advisories/21252
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://secunia.com/advisories/21202
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://securityreason.com/securityalert/677
            Tags : third-party-advisory, x_refsource_SREASON
            http://www.vupen.com/english/advisories/2006/1290
            Tags : vdb-entry, x_refsource_VUPEN
            http://www.redhat.com/support/errata/RHSA-2006-0568.html
            Tags : vendor-advisory, x_refsource_REDHAT
            http://secunia.com/advisories/21135
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://www.ubuntu.com/usn/usn-320-1
            Tags : vendor-advisory, x_refsource_UBUNTU
            http://secunia.com/advisories/19979
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://rhn.redhat.com/errata/RHSA-2006-0549.html
            Tags : vendor-advisory, x_refsource_REDHAT
            http://secunia.com/advisories/22225
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://secunia.com/advisories/21125
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://secunia.com/advisories/19599
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://www.mandriva.com/security/advisories?name=MDKSA-2006:074
            Tags : vendor-advisory, x_refsource_MANDRIVA
            http://securityreason.com/achievement_securityalert/36
            Tags : third-party-advisory, x_refsource_SREASONRES
            http://secunia.com/advisories/21031
            Tags : third-party-advisory, x_refsource_SECUNIA
            http://securitytracker.com/id?1015881
            Tags : vdb-entry, x_refsource_SECTRACK
            http://www.redhat.com/support/errata/RHSA-2006-0567.html
            Tags : vendor-advisory, x_refsource_REDHAT
            http://www.securityfocus.com/bid/17439
            Tags : vdb-entry, x_refsource_BID