SECUNIA ADVISORY ID: SA22282
VERIFY ADVISORY: http://secunia.com/advisories/22282/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE: Local system
SOFTWARE:
PHP 5.1.x - http://secunia.com/product/6796/
PHP 5.0.x - http://secunia.com/product/3919/
PHP 4.4.x - http://secunia.com/product/5768/
PHP 4.3.x - http://secunia.com/product/922/
DESCRIPTION: Maksymilian Arciemowicz has reported a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to an error within the "ini_restore()" function, which can be exploited to reset certain options to their default value specified in php.ini. The vulnerability has been reported in versions 4.4.4 and 5.1.6. Other versions may also be affected.
SOLUTION: A fix is available in the CVS repository.
PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz
ORIGINAL ADVISORY: http://securityreason.com/achievement_securityalert/42
PHP *ini_restore()* Security Bypass VulnerabilityPosted on Wednesday, October 11, 2006 @ 02:06:53 CDT in Security |