Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

See the

CVE page on Mitre.org for more details.

References

SECUNIA: 19599
SECTRACK: 1015882
UBUNTU: USN-320-1
BID: 17439
SECUNIA: 19775
SECUNIA: 21125
CONFIRM: http://us.php.net/rele...
OSVDB: 24487
SREASONRES: 20060408 copy() Safe M...
SREASON: 678
MANDRIVA: MDKSA-2006:074
VUPEN: ADV-2006-1290
XF: php-copy-safemode-bypa...
BUGTRAQ: 20060409 copy() Safe M...
BUGTRAQ: 20060718 new shell byp...
BUGTRAQ: 20060723 Re: new shell...

Launchpad.net

CVE 2006-1608

Related bugs

References