Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-1494

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

See the

CVE page on Mitre.org for more details.

References

SECUNIA: 19599
SECTRACK: 1015881
SUSE: SUSE-SA:2006:024
REDHAT: RHSA-2006:0568
REDHAT: RHSA-2006:0567
SGI: 20060701-01-U
UBUNTU: USN-320-1
SECUNIA: 21031
SECUNIA: 21135
SECUNIA: 21202
SECUNIA: 21252
REDHAT: RHSA-2006:0549
CONFIRM: http://support.avaya.c...
SECUNIA: 21723
CONFIRM: https://issues.rpath.c...
SECUNIA: 22225
BID: 17439
SECUNIA: 19775
SECUNIA: 19979
SECUNIA: 21125
SREASONRES: 20060408 tempnam() ope...
SREASON: 677
MANDRIVA: MDKSA-2006:074
VUPEN: ADV-2006-1290
XF: php-tempnam-directory-...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20061005 rPSA-2006-018...

Launchpad.net

CVE 2006-1494

Related bugs

References