[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: php 5.2.6 safe_mode bypass
From: Nico Golde <oss-security+ml () ngolde ! de>
Date: 2008-06-19 15:34:38
Message-ID: 20080619153438.GE4263 () ngolde ! de
[Download RAW message or body]
Hi Hanno,
* Hanno Böck <hanno@hboeck.de> [2008-06-19 17:24]:
> Both posted on FD
>
> [PHP 5.2.6 posix_access() (posix ext) safe_mode bypass ]
> http://securityreason.com/achievement_securityalert/54
This is CVE-2008-2665.
> [PHP 5.2.6 chdir(),ftok() (standard ext) safe_mode bypass ]
> http://securityreason.com/achievement_securityalert/55
This is CVE-2008-2666.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic