Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-5178

Опубликовано: 10 окт. 2006
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.2

Описание

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

edgy

ignored

end of life, was needed
feisty

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 19%
0.00059
Низкий

6.2 Medium

CVSS2

Связанные уязвимости

nvd
почти 19 лет назад

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.

debian
почти 19 лет назад

Race condition in the symlink function in PHP 5.1.6 and earlier allows ...

github
больше 3 лет назад

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.

EPSS

Процентиль: 19%
0.00059
Низкий

6.2 Medium

CVSS2