oss-sec mailing list archives
Re: CVE request: php 5.2.6 safe_mode bypass
From: Nico Golde <oss-security+ml () ngolde de>
Date: Thu, 19 Jun 2008 17:34:38 +0200
Hi Hanno, * Hanno Böck <hanno () hboeck de> [2008-06-19 17:24]:
Both posted on FD [PHP 5.2.6 posix_access() (posix ext) safe_mode bypass ] http://securityreason.com/achievement_securityalert/54
This is CVE-2008-2665.
[PHP 5.2.6 chdir(),ftok() (standard ext) safe_mode bypass ] http://securityreason.com/achievement_securityalert/55
This is CVE-2008-2666. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE request: php 5.2.6 safe_mode bypass Hanno Böck (Jun 19)
- Re: CVE request: php 5.2.6 safe_mode bypass Nico Golde (Jun 19)