PHP 5.2.6 Vulnerability

Thursday, June 11, 2009

PHP 5.2.6 Vulnerability

Author: hr | Posted at: 9:03 AM | Filed Under: Hacking, Security, Tutorial |

PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability
SecurityReason.com PHP 5.2.6 (error_log) safe_mode bypass
Author: Maksymilian Arciemowicz (cXIb8O3)
securityreason.com
Date:
- - Written: 10.11.2008
- - Public: 20.11.2008

SecurityReason Research
SecurityAlert Id: 57

CWE: CWE-264
SecurityRisk: Medium

Affected Software: PHP 5.2.6
Advisory URL: http://securityreason.com/achievement_securityalert/57
Vendor: http://www.php.net

- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl
with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web
developers to write dynamically generated pages quickly.

Gadget

Thursday, June 11, 2009