PHP *ini_restore()* Security Bypass Vulnerability Date: Wednesday, October 11, 2006 @ 02:06:53 CDT Topic: Security SECUNIA ADVISORY ID: SA22282 VERIFY ADVISORY: http://secunia.com/advisories/22282/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system SOFTWARE: PHP 5.1.x - http://secunia.com/product/6796/ PHP 5.0.x - http://secunia.com/product/3919/ PHP 4.4.x - http://secunia.com/product/5768/ PHP 4.3.x - http://secunia.com/product/922/ DESCRIPTION: Maksymilian Arciemowicz has reported a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to an error within the "ini_restore()" function, which can be exploited to reset certain options to their default value specified in php.ini. The vulnerability has been reported in versions 4.4.4 and 5.1.6. Other versions may also be affected. SOLUTION: A fix is available in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz ORIGINAL ADVISORY: http://securityreason.com/achievement_securityalert/42 This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2450