Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0985

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0985
Last Modified 05 Sep 2008 04:29:28
Published 24 Sep 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0985

Summary

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

Vulnerable Systems

Application

  • Php 3.0.18

  • Php 4.0

  • Php 4.0.1

  • Php 4.0.2

  • Php 4.0.3

  • Php 4.0.4

  • Php 4.0.5

  • Php 4.0.6

  • Php 4.0.7

  • Php 4.1.0

  • Php 4.1.1

  • Php 4.1.2

  • Php 4.2.0

  • Php 4.2.1

  • Php 4.2.2


References

REDHAT - RHSA-2002:213

DEBIAN - DSA-168

XF - php-mail-safemode-bypass(9966)

BUGTRAQ - 20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()

REDHAT - RHSA-2003:159

REDHAT - RHSA-2002:248

REDHAT - RHSA-2002:244

REDHAT - RHSA-2002:243

REDHAT - RHSA-2002:214

OSVDB - 2111

SUSE - SuSE-SA:2002:036

MANDRAKE - MDKSA-2003:082

BUGTRAQ - 20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)

CONECTIVA - CLA-2002:545

CALDERA - CSSA-2003-008.0


Last Updated: 27 May 2016 10:37:08