CVE-2004-1020
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/24985unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000915https://exchange.xforce.ibmcloud.com/vulnerabilities/18516http://www.gentoo.org/security/en/glsa/glsa-200412-14.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:151http://www.php.net/release_4_3_10.phphttp://www.securityfocus.com/advisories/9028http://www.securityfocus.com/archive/1/384663http://www.securityfocus.com/bid/11981