PHP CURL 'safe_mode' And 'open_basedir' Restriction-Bypass Vulnerability Network Vulnerability

Summary

PHP is prone to a safe_mode and open_basedir restriction-bypass vulnerability. Successful exploits could allow an attacker to access files in unauthorized locations. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, with the safe_mode and open_basedir restrictions assumed to isolate the users from each other. PHP 5.2.9 is vulnerable other versions may also be affected.

References

http://www.securityfocus.com/bid/34475

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat DOS Device Name XSS
Apache Tomcat SecurityConstraints Security Bypass Vulnerability
Apache Tiles Multiple XSS Vulnerability
/doc directory browsable ?
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities

PHP cURL 'safe_mode' and 'open_basedir' Restriction-Bypass Vulnerability

Take action and discover your vulnerabilities