CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting of /etc for the error_log variable.

Affected Software

Name	Vendor	Start Version	End Version
Php	Php	5.0.0 (including)	5.0.0 (including)
Php	Php	5.0.0-beta1 (including)	5.0.0-beta1 (including)
Php	Php	5.0.0-beta2 (including)	5.0.0-beta2 (including)
Php	Php	5.0.0-beta3 (including)	5.0.0-beta3 (including)
Php	Php	5.0.0-beta4 (including)	5.0.0-beta4 (including)
Php	Php	5.0.0-rc1 (including)	5.0.0-rc1 (including)
Php	Php	5.0.0-rc2 (including)	5.0.0-rc2 (including)
Php	Php	5.0.0-rc3 (including)	5.0.0-rc3 (including)
Php	Php	5.0.1 (including)	5.0.1 (including)
Php	Php	5.0.2 (including)	5.0.2 (including)
Php	Php	5.0.3 (including)	5.0.3 (including)
Php	Php	5.0.4 (including)	5.0.4 (including)
Php	Php	5.0.5 (including)	5.0.5 (including)
Php	Php	5.1.0 (including)	5.1.0 (including)
Php	Php	5.1.1 (including)	5.1.1 (including)
Php	Php	5.1.2 (including)	5.1.2 (including)
Php	Php	5.1.3 (including)	5.1.3 (including)
Php	Php	5.1.4 (including)	5.1.4 (including)
Php	Php	5.1.5 (including)	5.1.5 (including)
Php	Php	5.1.6 (including)	5.1.6 (including)
Php	Php	5.2.0 (including)	5.2.0 (including)
Php	Php	5.2.1 (including)	5.2.1 (including)
Php	Php	5.2.2 (including)	5.2.2 (including)
Php	Php	5.2.3 (including)	5.2.3 (including)
Php	Php	5.2.4 (including)	5.2.4 (including)
Php	Php	5.2.5 (including)	5.2.5 (including)
Php	Php	5.2.6 (including)	5.2.6 (including)
Php	Php	5.2.7 (including)	5.2.7 (including)
Php4	Ubuntu	dapper	*
Php5	Ubuntu	dapper	*
Php5	Ubuntu	gutsy	*
Php5	Ubuntu	hardy	*
Php5	Ubuntu	intrepid	*
Php5	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-5624
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References