PHP 'tempnam()' Function 'MAXPATHLEN' Restriction Security Bypass Vulnerability

Bugtraq ID: 49634
Class: Boundary Condition Error
CVE: CVE-2006-2660
Remote: No
Local: Yes
Published: Jun 11 2006 12:00AM
Updated: Jun 11 2006 12:00AM
Credit: Maksymilian Arciemowicz from SecurityReason
Vulnerable: PHP PHP 5.1.4
PHP PHP 5.1.3
PHP PHP 5.1.2
+ Ubuntu Ubuntu Linux 6.06 LTS sparc
+ Ubuntu Ubuntu Linux 6.06 LTS powerpc
+ Ubuntu Ubuntu Linux 6.06 LTS i386
+ Ubuntu Ubuntu Linux 6.06 LTS amd64
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
+ Trustix Secure Linux 2.2
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 .0
PHP PHP 4.4.2
PHP PHP 4.4.1
PHP PHP 4.4 .0
Not Vulnerable: PHP PHP 4.4.3
PHP PHP 5.2
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0


 

Privacy Statement
Copyright 2010, SecurityFocus