Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 297369 (CVE-2009-3557) - <dev-lang/php-5.2.12: Multiple vulnerabilities (CVE-2008-7002, CVE-2009-3557)
Summary: <dev-lang/php-5.2.12: Multiple vulnerabilities (CVE-2008-7002, CVE-2009-3557)
Status: RESOLVED FIXED
Alias: CVE-2009-3557
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.php.net/releases/5_3_1.php
Whiteboard: B3 [glsa]
Keywords:
Depends on: 293888
Blocks:
  Show dependency tree
 
Reported: 2009-12-18 00:56 UTC by Stefan Behte (RETIRED)
Modified: 2010-01-05 21:14 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-12-18 00:56:26 UTC 
CVE-2009-3557 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3557):
  The tempnam function in ext/standard/file.c in PHP 5.2.11 and
  earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
  to bypass safe_mode restrictions, and create files in group-writable
  or world-writable directories, via the dir and prefix arguments.
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2009-12-21 15:41:36 UTC 
CVE-2008-7002 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7002):
  PHP 5.2.5 does not enforce (a) open_basedir and (b)
  safe_mode_exec_dir restrictions for certain functions, which might
  allow local users to bypass intended access restrictions and call
  programs outside of the intended directory via the (1) exec, (2)
  system, (3) shell_exec, (4) passthru, or (5) popen functions,
  possibly involving pathnames such as "C:" drive notation.
Comment 2 Tobias Heinlein (RETIRED) gentoo-dev 2010-01-05 21:14:18 UTC 
GLSA 201001-03.

Thank you everyone, sorry about the delay.