ID CVE-2006-3016
Summary Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
References
Vulnerable Configurations
  • cpe:2.3:a:php_group:php:*:*:*:*:*:*:*:*
    cpe:2.3:a:php_group:php:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 18-10-2018 - 16:45)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:06:58.517-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
family unix
id oval:org.mitre.oval:def:10597
status accepted
submitted 2010-07-09T03:56:16-04:00
title Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
version 29
redhat via4
advisories
  • rhsa
    id RHSA-2006:0669
  • rhsa
    id RHSA-2006:0682
  • rhsa
    id RHSA-2006:0736
rpms
  • php-0:4.3.2-36.ent
  • php-0:4.3.9-3.18
  • php-debuginfo-0:4.3.2-36.ent
  • php-debuginfo-0:4.3.9-3.18
  • php-devel-0:4.3.2-36.ent
  • php-devel-0:4.3.9-3.18
  • php-domxml-0:4.3.9-3.18
  • php-gd-0:4.3.9-3.18
  • php-imap-0:4.3.2-36.ent
  • php-imap-0:4.3.9-3.18
  • php-ldap-0:4.3.2-36.ent
  • php-ldap-0:4.3.9-3.18
  • php-mbstring-0:4.3.9-3.18
  • php-mysql-0:4.3.2-36.ent
  • php-mysql-0:4.3.9-3.18
  • php-ncurses-0:4.3.9-3.18
  • php-odbc-0:4.3.2-36.ent
  • php-odbc-0:4.3.9-3.18
  • php-pear-0:4.3.9-3.18
  • php-pgsql-0:4.3.2-36.ent
  • php-pgsql-0:4.3.9-3.18
  • php-snmp-0:4.3.9-3.18
  • php-xmlrpc-0:4.3.9-3.18
refmap via4
bid 17843
bugtraq 20061005 rPSA-2006-0182-1 php php-mysql php-pgsql
confirm
mandriva MDKSA-2006:122
osvdb 25253
sectrack 1016306
secunia
  • 19927
  • 21050
  • 22004
  • 22069
  • 22225
  • 22440
  • 22487
  • 23247
sgi 20061001-01-P
turbo TLSA-2006-38
ubuntu USN-320-1
Last major update 18-10-2018 - 16:45
Published 14-06-2006 - 23:02
Last modified 18-10-2018 - 16:45
Back to Top