Red Hat Customer Portal

CVE-2013-1635

ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.

Details Source

Mitre

Statement

We do not consider safe_mode / open_basedir restriction bypass issues to be security sensitive. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php

Public Date

2013-02-07 00:00:00

Impact

Moderate

Bugzilla

CVE-2013-1635 php, php53: Arbitrary locations file write due absent validation of soap.wsdl_cache_dir configuration directive value

Bugzilla ID

918196

CVSS Status

draft

Base Score

5.00

Base Metrics

AV:N/AC:L/Au:N/C:N/I:P/A:N

Affected Packages State

| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | php | Not affected |
| Red Hat Enterprise Linux 5 | php | Not affected |
| Red Hat Enterprise Linux 5 | php53 | Not affected |