|
|
PHP Realpath() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
|
Bugtraq ID:
|
24259
|
|
Class:
|
Design Error
|
|
CVE:
|
CVE-2007-3007
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
May 24 2007 12:00AM
|
|
Updated:
|
Sep 19 2007 09:30PM
|
|
Credit:
|
The discoverer of this issue is unknown.
|
|
Vulnerable:
|
Trustix Secure Linux 3.0.5
Trustix Secure Linux 3.0
Trustix Secure Linux 2.0
Trustix Operating System Enterprise Server 2.0
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SLE SDK 10.SP1
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
RedHat Fedora Core7 0
PHP PHP 5.2.2
PHP PHP 5.2.1
+
Ubuntu Ubuntu Linux 7.04 sparc
+
Ubuntu Ubuntu Linux 7.04 powerpc
+
Ubuntu Ubuntu Linux 7.04 i386
+
Ubuntu Ubuntu Linux 7.04 amd64
PHP PHP 5.1.6
+
Ubuntu Ubuntu Linux 6.10 sparc
+
Ubuntu Ubuntu Linux 6.10 powerpc
+
Ubuntu Ubuntu Linux 6.10 i386
+
Ubuntu Ubuntu Linux 6.10 amd64
PHP PHP 5.1.5
PHP PHP 5.1.4
PHP PHP 5.1.3
PHP PHP 5.1.3
PHP PHP 5.1.2
+
Ubuntu Ubuntu Linux 6.06 LTS sparc
+
Ubuntu Ubuntu Linux 6.06 LTS powerpc
+
Ubuntu Ubuntu Linux 6.06 LTS i386
+
Ubuntu Ubuntu Linux 6.06 LTS amd64
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
+
Trustix Secure Linux 2.2
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 5.2
+
Debian Linux 4.0 sparc
+
Debian Linux 4.0 s/390
+
Debian Linux 4.0 powerpc
+
Debian Linux 4.0 mipsel
+
Debian Linux 4.0 mips
+
Debian Linux 4.0 m68k
+
Debian Linux 4.0 ia-64
+
Debian Linux 4.0 ia-32
+
Debian Linux 4.0 hppa
+
Debian Linux 4.0 arm
+
Debian Linux 4.0 amd64
+
Debian Linux 4.0 alpha
+
Debian Linux 4.0
|
|
|
|
Not Vulnerable:
|
PHP PHP 5.2.3
|
|
|
