SB2013030601 - Permissions, Privileges, and Access Controls in PHP
Published: March 6, 2013 Updated: July 28, 2020
Description
This security bulletin contains information about 1 security vulnerability.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-1635)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
Remediation
Install the update from the vendor's website.
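To confirm a host's configuration respects the relationship described above, the following added example (not part of the original bulletin and not PHP's own code) checks that soap.wsdl_cache_dir lies inside one of the open_basedir directories. It assumes POSIX paths, ':' as the open_basedir separator and absolute directory names; the function names and sample configurations are constructed for illustration.

```python
import posixpath

DEFAULT_CACHE_DIR = "/tmp"  # PHP's built-in default for soap.wsdl_cache_dir

def parse_ini(text):
    """Return {directive: value} from php.ini-style text; last assignment wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment
        if line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip('"')
    return settings

def inside(path, base):
    """True if path is base or lies below it, compared as whole directory names."""
    path, base = posixpath.normpath(path), posixpath.normpath(base)
    return base == "/" or path == base or path.startswith(base + "/")

def audit(ini_text):
    """Return (verdict, cache_dir) for one configuration."""
    cfg = parse_ini(ini_text)
    cache_dir = cfg.get("soap.wsdl_cache_dir", DEFAULT_CACHE_DIR)
    basedirs = [d for d in cfg.get("open_basedir", "").split(":") if d]
    if not basedirs:
        return ("no-restriction", cache_dir)  # open_basedir unset: nothing to bypass
    if posixpath.isabs(cache_dir) and any(inside(cache_dir, b) for b in basedirs):
        return ("ok", cache_dir)
    return ("violation", cache_dir)

# Constructed sample configurations (not taken from any real host).
SAMPLE_DEFAULT = "open_basedir = /var/www/site\nsoap.wsdl_cache_enabled = 1\n"
SAMPLE_OK = ("open_basedir = /var/www/site:/usr/share/php\n"
             "soap.wsdl_cache_dir = \"/var/www/site/cache/wsdl\"  ; inside the jail\n")
SAMPLE_SIBLING = ("open_basedir = /var/www/site\n"
                  "soap.wsdl_cache_dir = /var/www/site-cache\n")

if __name__ == "__main__":
    for name, text in [("default", SAMPLE_DEFAULT), ("ok", SAMPLE_OK),
                       ("sibling", SAMPLE_SIBLING)]:
        print(name, *audit(text))
```

The check reads static configuration text only and does not resolve symlinks, so a cache directory that is a symlink pointing outside open_basedir still needs a manual look.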
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221
- http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6;hb=refs/heads/PHP-5.4
- http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=82afa3a040e639f3595121e45b850d5453906a00;hb=refs/heads/PHP-5.3
- http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html
- http://support.apple.com/kb/HT5880
- http://www.debian.org/security/2013/dsa-2639
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:114
- https://bugs.gentoo.org/show_bug.cgi?id=459904
- https://bugzilla.redhat.com/show_bug.cgi?id=918196
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101