PHP Open_BaseDir Security Restriction Bypass Vulnerability

PHP is prone to a vulnerability regarding the unauthorized access to directories outside the base directory.

The problem presents itself in the way PHP handles the 'open_basedir' directive.

Successful exploitation will grant an attacker access to directories outside the designated base directory. As a result, the attacker may access possibly privileged information.

This issue is reported to affect PHP versions 4.4.0 and 5.0.5; other versions may also be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus