Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-286: PHP Path Translation Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-286: PHP Path Translation Vulnerability
# 1  
Old 05-09-2008
S-286: PHP Path Translation Vulnerability
PHP contains a path translation vulnerability that may allow an attacker to execute arbitrary code. The risk is MEDIUM. An attacker may be able to execute arbitrary code in the context of an application that uses the vulnerable function. The scope of the impact depends on how the affected application works. Applications that process filename input from the network, such as public-facing web applications, would be vulnerable to a remote attacker.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Emergency UNIX and Linux Support

Migration of website... PHP/Mysql -which path for DB.php

Hi, I have two websites: website1.com and website2.com I didn't write either but have successfully moved all the files from website1.com to website2.com I (thought) I installed all the correct php modules and website2 is mostly up and running. However, my boss found that when we go to a... (15 Replies)
Discussion started by: Astrocloud
15 Replies

2. Shell Programming and Scripting

Parsing 286 length Character string

Hi Friends, I have .txt file which has 13000 records. Each record is 278 character long. I am using below code to extract the string and it takes almost 10 minutes. Any suggestion please. cat filename.txt|while read line do f1=`echo $line|awk '{print substr($1,1,9)}'` f2=`echo... (6 Replies)
Discussion started by: ppat7046
6 Replies

3. UNIX for Dummies Questions & Answers

Unix for 286

Hey, I think I probably qualify as a pre-newbie, so take it slow with me. I'm putting together a 286 system for bits and pieces from my dad's basement and I'm wondering what flavour of unix I should look at putting on it. I'm not looking for a bells and whistles version, just an alternative... (4 Replies)
Discussion started by: Pinck
4 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

svn_import

SVN_IMPORT(3)								 1							     SVN_IMPORT(3)

svn_import - Imports an unversioned path into a repository

SYNOPSIS

       bool svn_import (string	$path, string  $url, bool  $nonrecursive)

DESCRIPTION

	Commits  unversioned  $path  into  repository  at $url. If $path is a directory and $nonrecursive is FALSE, the directory will be imported
       recursively.

PARAMETERS

	      o $path
		- Path of file or directory to import.

	      Note

		     Relative paths will be resolved as if the current working directory was the one that contains the	PHP  binary.  To  use  the
		     calling script's working directory, use realpath(3) or dirname(__FILE__).

	      o $url
		- Repository URL to import into.

	      o $nonrecursive
		- Whether or not to refrain from recursively processing directories.

RETURN VALUES

	Returns TRUE on success or FALSE on failure.

NOTES

       Warning

	      This  function is EXPERIMENTAL. The behaviour of this function, its name, and surrounding documentation may change without notice in
	      a future release of PHP. This function should be used at your own risk.

EXAMPLES

       Example #1

	      Basic example

	       This example demonstrates a basic use-case of this function.  To  import  a  directory  named  new-files  into  the  repository	at
	      http://www.example.com/svnroot/incoming/abc, use:

	      <?php
	      svn_import(realpath('new-files'), 'http://www.example.com/svnroot/incoming/abc', false);
	      ?>

SEE ALSO

       svn_add(3), SVN documentation for svn import.

PHP Documentation Group 													     SVN_IMPORT(3)