oss-sec mailing list archives
Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: [oss-security] CVE request: php 5.3.1 update]
From: Milen Rangelov <mrangelov () globul bg>
Date: Fri, 27 Nov 2009 15:42:25 +0200
Hello,
CVE-2009-4018
PHP before 5.3.1 proc_open() can be used to bypass the safe_mode_protected_env_vars INI setting. This could be used to alter the process environment possibly executing arbitrary code.

http://www.php.net/ChangeLog-5.php#5.3.1
http://bugs.php.net/bug.php?id=49026
http://marc.info/?l=oss-security&m=125897935330618&w=2

Thanks.
-- JB
Great to see an almost one-year-old bug getting fixed (and assigned a CVE ID for that matter). It was reported back in 2008 but apparently no one took care:

http://www.securityfocus.com/bid/32717/info

Regards,
Milen Rangelov