Description
PHP 5.2.0 and 4.4 allow local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path. This causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.
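The validate-versus-use mismatch described above, as a simplified C model added here (it is not PHP's source code and not part of the original page). The function names, the allow-listed directory and the sample input are constructed assumptions; the block puts a length-aware check that disagrees with a NUL-terminated consumer beside a check that rejects embedded NUL bytes and validates the path the consumer will use.

```c
#include <stdio.h>
#include <string.h>

/* Assumed allow-listed directory, standing in for an open_basedir value. */
static const char ALLOWED[] = "/var/www/sessions";

/* Constructed sample: other path, NUL byte, ';', then an allowed path. */
static const char CRAFTED[] = "/tmp/other\0;/var/www/sessions";

/* True if p is the allowed directory or lies beneath it. */
static int path_allowed(const char *p) {
    size_t n = sizeof ALLOWED - 1;
    return strncmp(p, ALLOWED, n) == 0 && (p[n] == '\0' || p[n] == '/');
}

/* Path the consumer ends up with: it reads val as a C string, so parsing
 * stops at the first NUL. An optional "N;" prefix is skipped. */
const char *effective_path(const char *val) {
    const char *sep = strchr(val, ';');
    return sep ? sep + 1 : val;
}

/* Flawed check: searches all len bytes for ';', so it can validate text
 * that sits behind a NUL and that the consumer never reads. */
int check_flawed(const char *val, size_t len) {
    const char *sep = memchr(val, ';', len);
    return path_allowed(sep ? sep + 1 : val);
}

/* Hardened check: refuse embedded NUL bytes, then validate exactly the
 * path the consumer will use. */
int check_hardened(const char *val, size_t len) {
    if (memchr(val, '\0', len) != NULL)
        return 0;
    return path_allowed(effective_path(val));
}

int main(void) {
    size_t len = sizeof CRAFTED - 1;
    printf("flawed accepts: %d\n", check_flawed(CRAFTED, len));
    printf("path in effect: %s\n", effective_path(CRAFTED));
    printf("hardened accepts: %d\n", check_hardened(CRAFTED, len));
    return 0;
}
```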
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2006-7197)
Apache Tomcat Other Vulnerability (CVE-2002-1567)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.8.3)
WordPress Plugin WooCommerce Cross-Site Scripting (5.1.0)
WordPress Plugin Zedna Contact form Directory Traversal (1.1)