Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 297369 (CVE-2009-3557)

Summary: <dev-lang/php-5.2.12: Multiple vulnerabilities (CVE-2008-7002, CVE-2009-3557)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: php-bugs
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.php.net/releases/5_3_1.php
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 293888    
Bug Blocks:    

Description Stefan Behte (RETIRED) gentoo-dev Security 2009-12-18 00:56:26 UTC 
CVE-2009-3557 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3557):
  The tempnam function in ext/standard/file.c in PHP 5.2.11 and
  earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
  to bypass safe_mode restrictions, and create files in group-writable
  or world-writable directories, via the dir and prefix arguments.
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2009-12-21 15:41:36 UTC 
CVE-2008-7002 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7002):
  PHP 5.2.5 does not enforce (a) open_basedir and (b)
  safe_mode_exec_dir restrictions for certain functions, which might
  allow local users to bypass intended access restrictions and call
  programs outside of the intended directory via the (1) exec, (2)
  system, (3) shell_exec, (4) passthru, or (5) popen functions,
  possibly involving pathnames such as "C:" drive notation.
Comment 2 Tobias Heinlein (RETIRED) gentoo-dev 2010-01-05 21:14:18 UTC 
GLSA 201001-03.

Thank you everyone, sorry about the delay.