CVE-2007-5900

Published: 20 November 2007

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.

Notes

Author	Note
jdstrand	requires malicious script

Priority

Status

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	dapper	Released (5.1.2-1ubuntu3.13)
	feisty	Ignored (end of life, was needed)
	gutsy	Released (5.2.3-1ubuntu6.5)
	hardy	Released (5.2.4-2ubuntu5.5)
	intrepid	Not vulnerable (5.2.5-3ubuntu1)
	upstream	Released (5.2.5)
	Patches: upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?hideattic=1&r1=1.39.2.2.2.8&r2=1.39.2.2.2.9 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?hideattic=1&r1=1.39.2.2.2.9&r2=1.39.2.2.2.10 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?hideattic=1&r1=1.39.2.2.2.13&r2=1.39.2.2.2.14 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?hideattic=1&r1=1.39.2.2.2.14&r2=1.39.2.2.2.15 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.h?hideattic=1&r1=1.34.2.1.2.4&r2=1.34.2.1.2.5 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.h?hideattic=1&r1=1.34.2.1.2.5&r2=1.34.2.1.2.6 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_vm_def.h?hideattic=1&r1=1.59.2.29.2.47&r2=1.59.2.29.2.48 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_vm_execute.h?hideattic=1&r1=1.62.2.30.2.48&r2=1.62.2.30.2.49 upstream: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?hideattic=1&r1=1.39.2.2.2.26&r2=1.39.2.2.2.27

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›