[php-maint] Bug#354685: PHP4 in Sarge may be vulnerable to
CVE-2005-3054
Nick Jenkins
nickpj at gmail.com
Tue Feb 28 04:30:46 UTC 2006
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3054
Description:
An issue with trailing slashes in allowed basedirs.
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly
restrict access to other directories when the open_basedir directive includes
a trailing slash, which allows PHP scripts in one directory to access files in
other directories whose names are substrings of the original directory.
Vulnerable PHP versions:
PHP 4.3.10 appears vulnerable according to advisories on
http://www.securityfocus.com/bid/14957
More information about the pkg-php-maint
mailing list