Rapid7 Vulnerability & Exploit Database

PHP Safemode Restriction Bypass

Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published: 10/17/2005
Created: 07/25/2018
Added: 08/31/2007
Modified: 01/30/2015

Description

PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction by using image*() functions and cURL.

An attacker can exploit these vulnerabilities to possibly execute arbitrary code that already exists on a vulnerable system, or to retrieve the contents of arbitrary files, all in the security context of the Web server process. Information obtained may aid in further attacks against the affected system; other attacks are also possible.

Solution(s)

  • php-upgrade-5_1_0
