Описание
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.17 |
| devel | released | 5.2.11.dfsg.1-2ubuntu1 |
| hardy | released | 5.2.4-2ubuntu5.9 |
| intrepid | released | 5.2.6-2ubuntu4.5 |
| jaunty | released | 5.2.6.dfsg.1-3ubuntu4.4 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.3 |
| upstream | released | 5.3.1 |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 an ...
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
6.8 Medium
CVSS2