← Back to team overview

ius-coredev team mailing list archive

  1. ius-coredev team
  2. Mailing list archive
  3. Message #00022

[Bug 462057] Re: PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability

  Thread PreviousDate PreviousThread Next 
Reproduced issue based on the example from securityreason.com, verified
that issue is fixed with latest versions of php52/php53.

-- 
PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability
https://bugs.launchpad.net/bugs/462057
You received this bug notification because you are a member of IUS Core
Development, which is a direct subscriber.

Status in IUS Community Project: In Progress
Status in IUS Community Project php52 series: In Progress
Status in IUS Community Project php53 series: New

Bug description:
http://www.securityfocus.com/bid/36554/info

Bugtraq ID:  	 36554
Class: 	Design Error
CVE: 	
Remote: 	No
Local: 	Yes
Published: 	Sep 30 2009 12:00AM
Updated: 	Sep 30 2009 08:00PM
Credit: 	Grzegorz Stachowiak
Vulnerable: 	PHP PHP 5.3
PHP PHP 5.2.11 


http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log

http://securityreason.com/securityalert/6600

References

  Thread PreviousDate PreviousThread Next