PHP :: Bug #48036 :: In PHP 5.2.9, curl php module bypass safe_mode & open

Bug #48036	In PHP 5.2.9, curl php module bypass safe_mode & open_basedir security features
Submitted:	2009-04-21 12:36 UTC	Modified:	2009-04-21 12:40 UTC
From:	y dot le dot ny at ifrance dot com	Assigned:
Status:	Not a bug	Package:	cURL related
PHP Version:	5.2.9	OS:	All (Linux and Sun Solaris)
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2009-04-21 12:36 UTC] y dot le dot ny at ifrance dot com

Description:
------------
There is a big security problem with CURL module in PHP 5.2.9.

I use the latest stable release PHP 5.2.9 and the latest stable release Curl 7.19.4 on Redhat Enterprise Linux 3 and 4, on Sun Solaris 8 and 10 and I can reproduce the exploit that is explained at this URL :
http://securityreason.com/achievement_securityalert/61

Please find the problem and patch php curl module 's code source here :
http://cvs.php.net/viewvc.cgi/php-src/ext/curl/ 

Reproduce code:
---------------
http://securityreason.com/achievement_securityalert/61

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-04-21 12:40 UTC] pajoye@php.net

duplicated #48027

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 18 00:01:28 2024 UTC