
php5: restriction bypass

Package(s): php5
CVE #(s): CVE-2015-2348
Created: April 8, 2015
Updated: April 8, 2015
Description: From the CVE entry:

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for bug CVE-2006-7243.

Alerts:
Gentoo 201606-10 php 2016-06-19
Debian-LTS DLA-444-1 php5 2016-02-29
Scientific Linux SLSA-2015:1135-1 php 2015-06-24
Oracle ELSA-2015-1135 php 2015-06-23
CentOS CESA-2015:1135 php 2015-06-24
Red Hat RHSA-2015:1135-01 php 2015-06-23
SUSE SUSE-SU-2015:0868-1 php5 2015-05-13
Red Hat RHSA-2015:1053-01 php55 2015-06-04
Ubuntu USN-2572-1 php5 2015-04-20
openSUSE openSUSE-SU-2015:0684-1 php5 2015-04-08
Red Hat RHSA-2015:1066-01 php54 2015-06-04

Copyright © 2025, Eklektix, Inc.