PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
php php 5.3.0 |
||
php php 4.0.3 |
||
php php 4.0.4 |
||
php php 4.0 |
||
php php 4.1.0 |
||
php php 4.2.2 |
||
php php 4.2.3 |
||
php php 4.3.2 |
||
php php 4.3.3 |
||
php php 4.4.1 |
||
php php 4.4.2 |
||
php php 4.4.9 |
||
php php 3.0.11 |
||
php php 3.0.18 |
||
php php 3.0.4 |
||
php php 3.0.8 |
||
php php 3.0.5 |
||
php php 5.2.12 |
||
php php 5.2.10 |
||
php php 5.2.8 |
||
php php 5.2.3 |
||
php php 5.2.4 |
||
php php 4.0.1 |
||
php php 4.0.2 |
||
php php 4.2.1 |
||
php php 4.3.10 |
||
php php 4.3.11 |
||
php php 4.3.8 |
||
php php 4.3.9 |
||
php php 4.4.0 |
||
php php 4.4.7 |
||
php php 4.4.8 |
||
php php 3.0 |
||
php php 3.0.2 |
||
php php 3.0.16 |
||
php php 3.0.9 |
||
php php 3.0.7 |
||
php php |
||
php php 5.2.9 |
||
php php 5.2.6 |
||
php php 5.2.16 |
||
php php 5.2.7 |
||
php php 5.1.4 |
||
php php 5.1.5 |
||
php php 5.0.0 |
||
php php 5.0.2 |
||
php php 5.3.1 |
||
php php 5.3.2 |
||
php php 4.0.5 |
||
php php 4.0.6 |
||
php php 4.1.1 |
||
php php 4.1.2 |
||
php php 4.3.0 |
||
php php 4.3.4 |
||
php php 4.3.5 |
||
php php 4.4.3 |
||
php php 4.4.4 |
||
php php 3.0.10 |
||
php php 3.0.13 |
||
php php 3.0.3 |
||
php php 3.0.15 |
||
php php 3.0.6 |
||
php php 2.0b10 |
||
php php 5.2.13 |
||
php php 5.2.11 |
||
php php 5.2.14 |
||
php php 5.2.1 |
||
php php 5.1.2 |
||
php php 5.1.1 |
||
php php 5.0.3 |
||
php php 5.1.3 |
||
php php 5.0.5 |
||
php php 5.0.4 |
||
php php 5.0.1 |
||
php php 4.0.0 |
||
php php 4.0.7 |
||
php php 4.2.0 |
||
php php 4.3.1 |
||
php php 4.3.6 |
||
php php 4.3.7 |
||
php php 4.4.5 |
||
php php 4.4.6 |
||
php php 3.0.12 |
||
php php 3.0.1 |
||
php php 3.0.14 |
||
php php 3.0.17 |
||
php php 2.0 |
||
php php 1.0 |
||
php php 5.2.5 |
||
php php 5.2.0 |
||
php php 5.2.2 |
||
php php 5.2.17 |
||
php php 5.2.15 |
||
php php 5.1.0 |
||
php php 5.1.6 |
Just don't run it anywhere near the internet, m'kay?
Owners of some Seagate NAS boxen will be exposed to a remote execution zero day flaw until a patch drops in May unless they kill some external services. The company learned of flaw in its Business Storage 2-bay NAS products on 18 October, 2014. Australian Beyond Binary hacker OJ Reeves alleged the company failed to fix the flaw or establish a reliable bug disclosure process. "At the time of writing, Shodan reports that there are over 2500 publicly exposed devices on the internet that are likely ...
Unpatched software in the OS means root to your stuff won't be hard, says researcher
An Australian security researcher says a bunch of Seagate NAS devices carry serious vulnerabilities and should be kept away from the Internet. OJ Reeves of Beyond Binary says the Seagate Business NAS line, up to version 2014.00319, carries old versions of PHP, CodeIgniter and Lighttpd. All of these, the post notes, have remotely exploitable vulnerabilities. As well as these, the company's post says the admin application "contains a number of security-related issues”. PHP 5.2.12 is vulnerable t...
Vulmon