CVE-2003-0863

The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=105839111204227
http://marc.info/?l=bugtraq&m=105839111204227

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:php:php:4.3.0:::::::*
	cpe:2.3:a:php:php:4.3.1:::::::*
	cpe:2.3:a:php:php:4.3.2:::::::*

History

20 Nov 2024, 23:45

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=105839111204227 -~~	() http://marc.info/?l=bugtraq&m=105839111204227 -

Information

Published : 2003-11-17 05:00

Updated : 2024-11-20 23:45

NVD link : CVE-2003-0863

Mitre link : CVE-2003-0863

CVE.ORG link : CVE-2003-0863

JSON object : View

Products Affected

php

php

CWE

NVD-CWE-Other

{"id": "CVE-2003-0863", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2003-11-17T05:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=105839111204227", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=105839111204227", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications."}, {"lang": "es", "value": "La funci\u00f3n php_check_safe_module_include_dir en fopen_wrappers.c de PHP 4.3.x devuelve una valor de \u00e9xito (0) cuando la variable safe_mode_include_dir no est\u00e1 especificada en la configuraci\u00f3n, lo que difiere del valor de fallo anterior y puede permitir a atacantes remotos explotar vulnerabilidades de inclusi\u00f3n de ficheros en aplicaciones PHP."}], "lastModified": "2024-11-20T23:45:41.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC"}, {"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3"}, {"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of PHP as shipped with Red Hat Enterprise Linux 2.1. The PHP packages in Red Hat Enterprise Linux 3 contain a backported patch to address this issue since release. \n\nThe issue was fixed upstream in PHP 4.3.3. The PHP packages in Red Hat Enterprise Linux 4 and 5 are based on fixed upstream versions.\n", "lastModified": "2008-06-30T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}