CVE-2006-5178

Exploit

EPSS 0.11%
Published 10.10.2006 04:06:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.

Affected products Warnungen 0 Metrics 2 CWE 1 References 18

Data is provided by the National Vulnerability Database (NVD)

Php ≫ Php Version <= 5.1.6

Php ≫ Php Version4.0

Php ≫ Php Version4.0.1

Php ≫ Php Version4.0.1 Updatepatch1

Php ≫ Php Version4.0.1 Updatepatch2

Php ≫ Php Version4.0.2

Php ≫ Php Version4.0.3 Updatepatch1

Php ≫ Php Version4.0.4

Php ≫ Php Version4.0.5

Php ≫ Php Version4.0.6

Php ≫ Php Version4.0.7

Php ≫ Php Version4.0.7 Updaterc1

Php ≫ Php Version4.0.7 Updaterc2

Php ≫ Php Version4.0.7 Updaterc3

Php ≫ Php Version4.1.0

Php ≫ Php Version4.1.1

Php ≫ Php Version4.1.2

Php ≫ Php Version4.2 Editiondev

Php ≫ Php Version4.2.0

Php ≫ Php Version4.2.1

Php ≫ Php Version4.2.2

Php ≫ Php Version4.2.3

Php ≫ Php Version4.3.0

Php ≫ Php Version4.3.1

Php ≫ Php Version4.3.2

Php ≫ Php Version4.3.3

Php ≫ Php Version4.3.4

Php ≫ Php Version4.3.5

Php ≫ Php Version4.3.6

Php ≫ Php Version4.3.7

Php ≫ Php Version4.3.8

Php ≫ Php Version4.3.9

Php ≫ Php Version4.3.10

Php ≫ Php Version4.3.11

Php ≫ Php Version4.4.0

Php ≫ Php Version4.4.1

Php ≫ Php Version4.4.2

Php ≫ Php Version4.4.3

Php ≫ Php Version4.4.4

Php ≫ Php Version5.0 Updaterc1

Php ≫ Php Version5.0 Updaterc2

Php ≫ Php Version5.0 Updaterc3

Php ≫ Php Version5.0.0

Php ≫ Php Version5.0.1

Php ≫ Php Version5.0.2

Php ≫ Php Version5.0.3

Php ≫ Php Version5.0.4

Php ≫ Php Version5.0.5

Php ≫ Php Version5.1.0

Php ≫ Php Version5.1.1

Php ≫ Php Version5.1.2

Php ≫ Php Version5.1.3

Php ≫ Php Version5.1.4

Php ≫ Php Version5.1.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.308

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.2	1.9	10	AV:L/AC:H/Au:N/C:C/I:C/A:C

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://www.turbolinux.com/security/2006/TLSA-2006-38.txt

http://secunia.com/advisories/22424

http://www.mandriva.com/security/advisories?name=MDKSA-2006:185

http://www.securityfocus.com/archive/1/448953/100/0/threaded

http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html

Exploit

http://secunia.com/advisories/22235

Vendor Advisory

Exploit

http://securityreason.com/securityalert/1692

http://securitytracker.com/id?1016977

Exploit