PHP cURL open_basedir Restriction Bypass Vulnerability

admin 2022-07-22 13:27:49 CNNVD Vulnerabilities Source: ZONE.CI Global Network

Vulnerability Details

  • CNNVD ID: CNNVD-200412-360
  • Severity: Low
  • CVE ID: CVE-2004-1392
  • Vulnerability type: Access validation error
  • Published: 2004-12-31
  • Threat type: Remote
  • Updated: 2005-10-20
  • Vendor: php
  • Vulnerability source: FraMe

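Vulnerability Summary

PHP 4.0 with the cURL functions is vulnerable. A remote attacker can use the URL argument of the curl_init function to bypass the open_basedir setting and read arbitrary files.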

Vulnerability Advisory

Avaya has released an advisory (ASA-2005-136) that acknowledges this vulnerability for Avaya products. Please see the referenced Avaya advisory for further details.

Conectiva has released an advisory (CLSA-2005:955) and fixes to address this and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.

Ubuntu Linux has released advisory USN-66-1 to address this, and other issues. Please see the referenced advisory for further information.

Ubuntu has released advisory USN-66-2 to release new fixes for this issue. The fixes included in the previous Ubuntu advisory USN-66-1 still allow for some variants of this issue to occur. Please see the referenced advisory for more information.

Fedora has released Fedora Legacy advisory FLSA:2344 to address various issues in Red Hat Linux 7.3, Red Hat Linux 9.0 and Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.

Red Hat released advisory RHSA-2005:405-06 as well as fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisories for additional information.

SGI has released an advisory 20050501-01-U including updated SGI ProPack 3 Service Pack 5 packages to address this BID and other issues. Please see the referenced advisory for more information.

PHP PHP 4.1.2

  • RedHat php-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-devel-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-devel-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-imap-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-imap-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-ldap-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-ldap-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-manual-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-manual-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-mysql-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-mysql-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-odbc-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-odbc-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-pgsql-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-pgsql-4.1.2-7.3.14.legacy.i386.rpm
  • RedHat php-snmp-4.1.2-7.3.14.legacy.i386.rpm, RedHat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-snmp-4.1.2-7.3.14.legacy.i386.rpm

PHP PHP 4.2.2

  • RedHat php-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-devel-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-devel-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-imap-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-imap-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-ldap-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-ldap-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-manual-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-manual-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-mysql-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-mysql-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-odbc-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-odbc-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-pgsql-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-pgsql-4.2.2-17.10.legacy.i386.rpm
  • RedHat php-snmp-4.2.2-17.10.legacy.i386.rpm, RedHat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/php-snmp-4.2.2-17.10.legacy.i386.rpm

PHP PHP 4.3.3

  • RedHat php-4.3.10-1.1.legacy.i386.rpm, RedHat Fedora Core 1: http://download.fedoralegacy.org/fedora/1/updates/i386/php-4.3.10-1.1.legacy.i386.rpm
  • RedHat php-devel-4.3.10-1.1.legacy.i386.rpm, RedHat Fedora Core 1: http://download.fedoralegacy.org/fedora/1/updates/i386/php-devel-4.3.10-1.1.legacy.i386.rpm
  • RedHat php-domxml-4.3.10-1.1.legacy.i386.rpm, RedHat Fedora Core 1: http://download.fedoralegacy.org/fedora/1/updates/i386/php-domxml-4.3.10-1.1.legacy.i386.rpm
  • RedHat php-imap-4.3.10-1.1.legacy.i386.rpm, RedHat Fedora Core

References

  • Source: FEDORA, Name: FLSA:2344, Link: https://bugzilla.fedora.us/show_bug.cgi?id=2344
  • Source: BID, Name: 11557, Link: http://www.securityfocus.com/bid/11557
  • Source: BUGTRAQ, Name: 20050120 [USN-66-1] PHP vulnerabilities, Link: http://marc.theaimsgroup.com/?l=bugtraq&m=110625060220934&w=2
  • Source: XF, Name: php-openbasedir-restriction-bypass(17900), Link: http://xforce.iss.net/xforce/xfdb/17900
  • Source: REDHAT, Name: RHSA-2005:406, Link: http://www.redhat.com/support/errata/RHSA-2005-406.HTML
  • Source: REDHAT, Name: RHSA-2005:405, Link: http://www.redhat.com/support/errata/RHSA-2005-405.HTML
  • Source: SECTRACK, Name: 1011984, Link: http://securitytracker.com/id?1011984
  • Source: OVAL, Name: oval:org.mitre.oval:def:9279, Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9279
  • Source: BUGTRAQ, Name: 20041027 PHP4 cURL functions bypass open_basedir, Link: http://marc.theaimsgroup.com/?l=bugtraq&m=109898213806099&w=2

Affected Products

  • Php Php:4.0.7:Rc2  
  • Php Php:4.0.7:Rc3  
  • Php Php:4.0.7  
  • Php Php:4.0.7:Rc1  
  • Php Php:4.0.5  

Patches

    None available
