[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1494Date: (C)2006-04-10   (M)2023-12-22


Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 4.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1015881
BID-17439
SECUNIA-19599
SECUNIA-19775
SECUNIA-19979
http://securityreason.com/achievement_securityalert/36
20060701-01-U
http://www.securityfocus.com/archive/1/447866/100/0/threaded
SECUNIA-21031
SECUNIA-21125
SECUNIA-21135
SECUNIA-21202
SECUNIA-21252
SECUNIA-21723
SECUNIA-22225
SREASON-677
ADV-2006-1290
MDKSA-2006:074
RHSA-2006:0549
RHSA-2006:0567
RHSA-2006:0568
SUSE-SA:2006:024
USN-320-1
http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
https://issues.rpath.com/browse/RPL-683
oval:org.mitre.oval:def:10196
php-tempnam-directory-traversal(25705)

CPE    52
cpe:/a:php:php:5.0.0:rc3
cpe:/a:php:php:5.0.0:rc2
cpe:/a:php:php:5.0.0:rc1
cpe:/a:php:php:5.1.0
...

© SecPod Technologies