Lucene search

[email protected]NVD:CVE-2006-5178

HistoryOct 10, 2006 - 4:06 a.m.

CVE-2006-5178

2006-10-1004:06:00

CWE-362

[email protected]

web.nvd.nist.gov

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

21.1%

JSON

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via … (dot dot) sequences, and then unlinking the resulting symlink.

Affected configurations

Nvd

Node

phpphpRange≤5.1.6

phpphpMatch4.0

phpphpMatch4.0.1

phpphpMatch4.0.1patch1

phpphpMatch4.0.1patch2

phpphpMatch4.0.2

phpphpMatch4.0.3patch1

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.0.7rc1

phpphpMatch4.0.7rc2

phpphpMatch4.0.7rc3

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2dev

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch4.4.3

phpphpMatch4.4.4

phpphpMatch5.0rc1

phpphpMatch5.0rc2

phpphpMatch5.0rc3

phpphpMatch5.0.0

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

phpphpMatch5.1.3

phpphpMatch5.1.4

phpphpMatch5.1.5

VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*
phpphp4.0.2cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
phpphp4.0.3cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*
phpphp4.0.4cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
phpphp4.0.5cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
phpphp4.0.6cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php	php	*	cpe:2.3:a:php:php::::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:::::::*
php	php	4.0.1	cpe:2.3:a:php:php:4.0.1:::::::*
php	php	4.0.1	cpe:2.3:a:php:php:4.0.1:patch1::::::
php	php	4.0.1	cpe:2.3:a:php:php:4.0.1:patch2::::::
php	php	4.0.2	cpe:2.3:a:php:php:4.0.2:::::::*
php	php	4.0.3	cpe:2.3:a:php:php:4.0.3:patch1::::::
php	php	4.0.4	cpe:2.3:a:php:php:4.0.4:::::::*
php	php	4.0.5	cpe:2.3:a:php:php:4.0.5:::::::*
php	php	4.0.6	cpe:2.3:a:php:php:4.0.6:::::::*