CVE-2002-0229

PHP <4.1.0 - Privilege Escalation

Title source: llm

Description

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Exploits (3)

exploitdb WORKING POC

phpremotephp

https://www.exploit-db.com/exploits/21266

View Code ZIP pw:eip

exploitdb WORKING POC

phpremotephp

https://www.exploit-db.com/exploits/21265

View Code ZIP pw:eip

exploitdb WORKING POC

phpremotephp

https://www.exploit-db.com/exploits/21264

View Code ZIP pw:eip

References (7)

[Mailing List] http://marc.info/?l=bugtraq&m=101286577109716&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=101304702002321&w=2

[Mailing List] http://marc.info/?l=ntbugtraq&m=101285016125377&w=2

[Mailing List] http://marc.info/?l=ntbugtraq&m=101303065423534&w=2

[Mailing List] http://marc.info/?l=ntbugtraq&m=101303819613337&w=2

[Vendor Advisory] http://www.iss.net/security_center/static/8105.php

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4026

Scores

EPSS 0.0544

EPSS Percentile 90.2%

Details

Status published

Products (23)

php/php 3.0

php/php 3.0.1

php/php 3.0.2

php/php 3.0.3

php/php 3.0.4

php/php 3.0.5

php/php 3.0.6

php/php 3.0.7

php/php 3.0.8

php/php 3.0.9

... and 13 more

Published May 16, 2002

Tracked Since Feb 18, 2026