Oval Definition:oval:org.opensuse.security:def:20066383
Revision Date:2015-11-16Version:1
Title:CVE-2006-6383
Description:
PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2006-6383
Platform(s):Open Enterprise Server
openSUSE 10.2
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
SUSE LINUX 10.0
SUSE LINUX 10.1
SUSE LINUX 9.3
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SUSE LINUX Retail Solution 8
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
Product(s):
BACK