CVE-2006-1608

Published: Apr 10, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

19775

third-party-advisory

x_refsource_SECUNIA

php-copy-safemode-bypass(25706)

vdb-entry

x_refsource_XF

20060718 new shell bypass safe mode

mailing-list

x_refsource_BUGTRAQ

20060408 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2

third-party-advisory

x_refsource_SREASONRES

678

third-party-advisory

x_refsource_SREASON

ADV-2006-1290

vdb-entry

x_refsource_VUPEN

USN-320-1

vendor-advisory

x_refsource_UBUNTU

21125

third-party-advisory

x_refsource_SECUNIA

19599

third-party-advisory

x_refsource_SECUNIA

MDKSA-2006:074

vendor-advisory

x_refsource_MANDRIVA

24487

vdb-entry

x_refsource_OSVDB

20060409 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2

mailing-list

x_refsource_BUGTRAQ

http://us.php.net/releases/5_1_3.php

x_refsource_CONFIRM

1015882

vdb-entry

x_refsource_SECTRACK

17439

vdb-entry

x_refsource_BID

20060723 Re: new shell bypass safe mode

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-1608

Description

Affected Products

References