CVE-2006-1494 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1494
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1494

Description: Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25705 UBUNTU http://www.ubuntu.com/usn/usn-320-1 SUSE http://www.novell.com/linux/security/advisories/05-05-2006.html ST 1015881 SREASONRES http://securityreason.com/achievement_securityalert/36 SREASON http://securityreason.com/securityalert/677 SGI SAID Secunia Advisory: SA21125 Secunia Advisory: SA19979 Secunia Advisory: SA19775 Secunia Advisory: SA22225 Secunia Advisory: SA21723 Secunia Advisory: SA21252 Secunia Advisory: SA21202 Secunia Advisory: SA21135 Secunia Advisory: SA21031 Secunia Advisory: SA19599 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0549.html http://www.redhat.com/support/errata/RHSA-2006-0567.html http://www.redhat.com/support/errata/RHSA-2006-0568.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:074 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447866/100/0/threaded BID 17439

Return to the previous page.