| Vulnerability Name: | CVE-2007-4652 (CCN-36387) |
| Assigned: | 2007-08-30 |
| Published: | 2007-08-30 |
| Updated: | 2017-07-29 |
| Summary: | The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
|
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low |
|
| CVSS v2 Severity: | 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial |
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial |
|
| Vulnerability Type: | CWE-59
|
| Vulnerability Consequences: | Bypass Security |
| References: | Source: MITRE
Type: CNA
CVE-2007-4652
Source: MITRE
Type: CNA
CVE-2007-4663
Source: CCN
Type: SA26642
PHP Multiple Vulnerabilities
Source: SECUNIA
Type: Patch, Vendor Advisory
26642
Source: SECUNIA
Type: Vendor Advisory
26822
Source: SECUNIA
Type: Vendor Advisory
26838
Source: SECUNIA
Type: Vendor Advisory
27102
Source: SECUNIA
Type: Vendor Advisory
27377
Source: CCN
Type: GLSA-200710-02
PHP: Multiple vulnerabilities
Source: GENTOO
Type: UNKNOWN
GLSA-200710-02
Source: CCN
Type: OSVDB ID: 36866
PHP Session File Symlink open_basedir Restriction Bypass
Source: CCN
Type: OSVDB ID: 38188
PHP glob Function Unspecified Traversal open_basedir Restriction Bypass
Source: CCN
Type: OSVDB ID: 41774
PHP glob open_basedir Bypass File Existence Enumeration
Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-5.php#5.2.4
Source: CCN
Type: PHP Web site
PHP 5.2.4 Release Announcement
Source: CONFIRM
Type: UNKNOWN
http://www.php.net/releases/5_2_4.php
Source: TRUSTIX
Type: UNKNOWN
2007-0026
Source: VUPEN
Type: Vendor Advisory
ADV-2007-3023
Source: XF
Type: UNKNOWN
php-session-security-bypass(36387)
Source: XF
Type: UNKNOWN
php-session-security-bypass(36387)
Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1693
Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1702
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:php:php:1.0.0:-:*:*:*:*:*:*OR cpe:/a:php:php:2.0:*:*:*:*:*:*:*OR cpe:/a:php:php:2.0b10:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.1:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.2:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.3:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.4:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.5:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.6:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.7:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.8:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.9:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.10:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.11:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.12:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.13:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.14:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.15:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.16:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.17:*:*:*:*:*:*:*OR cpe:/a:php:php:3.0.18:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta1:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta2:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta3:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta4:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*OR cpe:/a:php:php:4.0.0:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.3:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.4:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.5:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.1.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.1.1:*:*:*:*:*:*:*OR cpe:/a:php:php:4.1.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.2.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.2.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.2.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.2.3:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.1:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.2:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.3:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.4:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.5:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.8:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.9:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.10:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.11:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.2:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.3:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.4:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.5:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.8:-:*:*:*:*:*:*OR cpe:/a:php:php:4.4.9:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta4:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.3:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.4:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.5:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.0:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.1:*:*:*:*:*:*:*OR cpe:/a:php:php:5.1.2:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.3:*:*:*:*:*:*:*OR cpe:/a:php:php:5.1.4:*:*:*:*:*:*:*OR cpe:/a:php:php:5.1.5:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.6:*:*:*:*:*:*:*OR cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*OR cpe:/a:php:php:5.2.1:-:*:*:*:*:*:*OR cpe:/a:php:php:5.2.2:-:*:*:*:*:*:*OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.2.3)
Configuration CCN 1:
cpe:/a:php:php:5.0.3:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.4:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.5:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.1:*:*:*:*:*:*:*OR cpe:/a:php:php:5.1.2:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.4:*:*:*:*:*:*:*OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.6:*:*:*:*:*:*:*OR cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*OR cpe:/a:php:php:5.2.1:-:*:*:*:*:*:*OR cpe:/a:php:php:5.2.3:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta4:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.0:-:*:*:*:*:*:*OR cpe:/a:php:php:5.1.3:*:*:*:*:*:*:*OR cpe:/a:php:php:5.1.5:-:*:*:*:*:*:*OR cpe:/a:php:php:5.2.2:-:*:*:*:*:*:*AND cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |