← Back to team overview

ius-coredev team mailing list archive

  1. ius-coredev team
  2. Mailing list archive
  3. Message #00018

[Bug 462057] [NEW] PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability

  Thread PreviousDate PreviousThread Next 
*** This bug is a security vulnerability ***

Private security bug reported:

http://www.securityfocus.com/bid/36554/info

Bugtraq ID:  	 36554
Class: 	Design Error
CVE: 	
Remote: 	No
Local: 	Yes
Published: 	Sep 30 2009 12:00AM
Updated: 	Sep 30 2009 08:00PM
Credit: 	Grzegorz Stachowiak
Vulnerable: 	PHP PHP 5.3
PHP PHP 5.2.11 


http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log

http://securityreason.com/securityalert/6600

** Affects: ius
     Importance: High
     Assignee: BJ Dierkes (derks)
         Status: New


** Tags: php52 php53 security

-- 
PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability
https://bugs.launchpad.net/bugs/462057
You received this bug notification because you are a member of IUS Core
Development, which is a direct subscriber.

Status in IUS Community Project: New

Bug description:
http://www.securityfocus.com/bid/36554/info

Bugtraq ID:  	 36554
Class: 	Design Error
CVE: 	
Remote: 	No
Local: 	Yes
Published: 	Sep 30 2009 12:00AM
Updated: 	Sep 30 2009 08:00PM
Credit: 	Grzegorz Stachowiak
Vulnerable: 	PHP PHP 5.3
PHP PHP 5.2.11 


http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log

http://securityreason.com/securityalert/6600

Follow ups

References

  Thread PreviousDate PreviousThread Next