PHP Safedir Restriction Bypass Vulnerabilities

PHP Safedir Restriction Bypass Vulnerabilities

Published on 2005-11-09. Updated on 2007-03-20.

Description:

PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction. An attacker can exploit these vulnerabilities to possible execute arbitrary code currently existing on a vulnerable system, or to retrieve the contents of arbitrary files, all in the security context of the Web server process.

Affected PHP version 5.5.0.

Impact:
PHP safedir restriction bypass.

Recommendation:
Upgrade PHP to the latest version.

Tags: Scripts

Alert Tags: configuration
ApplicableApplicationServer : PHP
ApplicableOS: All
ApplicableWebServer: All

References:

BID 15119

PHP Homepage

Go Back

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking