Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3392

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3392
Last Modified 07 Mar 2011 09:26:28
Published 01 Nov 2005 07:47:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3392

Summary

Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.

Vulnerable Systems

Application

  • Php 3.0

  • Php 3.0.1

  • Php 3.0.10

  • Php 3.0.11

  • Php 3.0.12

  • Php 3.0.13

  • Php 3.0.14

  • Php 3.0.15

  • Php 3.0.16

  • Php 3.0.17

  • Php 3.0.18

  • Php 3.0.2

  • Php 3.0.3

  • Php 3.0.4

  • Php 3.0.5

  • Php 3.0.6

  • Php 3.0.7

  • Php 3.0.8

  • Php 3.0.9

  • Php 4.0.0

  • Php 4.0.1

  • Php 4.0.2

  • Php 4.0.3

  • Php 4.0.4

  • Php 4.0.5

  • Php 4.0.6

  • Php 4.0.7

  • Php 4.1.0

  • Php 4.1.1

  • Php 4.1.2

  • Php 4.2

  • Php 4.2.0

  • Php 4.2.1

  • Php 4.2.2

  • Php 4.2.3

  • Php 4.3

  • Php 4.3.1

  • Php 4.3.10

  • Php 4.3.11

  • Php 4.3.2

  • Php 4.3.3

  • Php 4.3.4

  • Php 4.3.5

  • Php 4.3.6

  • Php 4.3.7

  • Php 4.3.8

  • Php 4.3.9

  • Php 4.4.0


References

CERT - TA06-062A

CONFIRM - http://www.php.net/release_4_4_1.php

SECUNIA - 17371

VUPEN - ADV-2006-4320

VUPEN - ADV-2006-0791

VUPEN - ADV-2005-2254

HP - HPSBMA02159

XF - php-virtual-bypass-security(22924)

UBUNTU - USN-232-1

BID - 16907

BID - 15413

SUSE - SUSE-SA:2005:069

OSVDB - 20897

GENTOO - GLSA-200511-08

SREASON - 525

SECUNIA - 22691

SECUNIA - 19064

SECUNIA - 18198

SECUNIA - 18054

SECUNIA - 17510

APPLE - APPLE-SA-2006-03-01

CONFIRM - http://docs.info.apple.com/article.html?artnum=303382

HP - SSRT061238


Last Updated: 27 May 2016 11:02:28