PHP 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability

Bugtraq ID: 38182
Class: Design Error
CVE: CVE-2010-1130
Remote: No
Local: Yes
Published: Feb 11 2010 12:00AM
Updated: Sep 20 2010 07:11PM
Credit: Grzegorz Stachowiak from SecurityReason
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 amd64
Red Hat Fedora 12
Red Hat Fedora 11
PHP PHP 5.3.1
PHP PHP 5.3
PHP PHP 5.2.12
PHP PHP 5.2.11
PHP PHP 5.2.10
PHP PHP 5.2.9 -2
PHP PHP 5.2.9
PHP PHP 5.2.8
PHP PHP 5.2.7
PHP PHP 5.2.6
PHP PHP 5.2.5
PHP PHP 5.2.4
PHP PHP 5.2.3
PHP PHP 5.2.2
PHP PHP 5.2.1
+ Ubuntu Ubuntu Linux 7.04 sparc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 amd64
 PHP PHP 5.2
+ Debian Linux 4.0 sparc
 + Debian Linux 4.0 s/390
 + Debian Linux 4.0 powerpc
 + Debian Linux 4.0 mipsel
 + Debian Linux 4.0 mips
 + Debian Linux 4.0 m68k
 + Debian Linux 4.0 ia-64
 + Debian Linux 4.0 ia-32
 + Debian Linux 4.0 hppa
 + Debian Linux 4.0 arm
 + Debian Linux 4.0 amd64
 + Debian Linux 4.0 alpha
 + Debian Linux 4.0
 Mandriva Linux Mandrake 2010.0 x86_64
Mandriva Linux Mandrake 2010.0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Kolab Kolab Groupware Server 2.2.3
Kolab Kolab Groupware Server 2.2.2
Kolab Kolab Groupware Server 2.2
Kolab Kolab Groupware Server 2.2-rc3
Kolab Kolab Groupware Server 2.2-rc1
Kolab Kolab Groupware Server 2.2 beta3
Kolab Kolab Groupware Server 2.2 beta1
Kolab Kolab Groupware Server 2.2 -rc2
Not Vulnerable: PHP PHP 5.3.2
PHP PHP 5.2.13
Kolab Kolab Groupware Server 2.2.4


 

Privacy Statement
Copyright 2010, SecurityFocus