FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php -- open_basedir bypass

Affected packages
php5 < 5.3.4
php52 < 5.2.15

Details

VuXML ID 73634294-0fa7-11e0-becc-0022156e8794
Discovery 2010-12-10
Entry 2011-01-13

MITRE reports:

fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.

References

Bugtraq ID 44723
CVE Name CVE-2010-3436