php
Page content
- Author: voroskoi
- Vulnerable: 5.1.6-3siwenna1
- Unaffected: 5.1.6-4siwenna1
Stefan Esser has reported a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to a race condition in the handling of symlinks and can be exploited to bypass the open_basedir protection mechanism.
- Bug Tracker URL: http://bugs.frugalware.org/task/1259