CVE-2006-5178

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.1.6

Description A race condition exists in the symlink function, allowing local users to bypass the open basedir restriction. This can be achieved by using a combination of symlink, mkdir, and unlink functions to change the file path after the open basedir check and before the file is opened by the underlying system. For example, an attacker can symlink a symlink into a subdirectory to point to a parent directory via .. (dot dot) sequences and then unlink the resulting symlink.

Recommendations For PHP versions prior to 5.1.6, consider upgrading to a version that is not affected by this issue. As a temporary workaround, consider restricting the use of the symlink function to minimize the risk of exploitation. Additionally, ensure that the open basedir restriction is properly configured to limit the directories that can be accessed by PHP scripts.