CVE-2006-4433 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2006-4433

CVE-2006-4433

August 29, 2006

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session file. NOTE: it could be argued that this not a vulnerability in PHP itself, rather a design limitation that enables certain attacks against session handlers that do not account for this limitation.

Related Resources (8)

http://www.securityfocus.com/archive/1/444263/100/0/threaded

http://securityreason.com/securityalert/1466

http://www.hardened-php.net/advisory_052006.128.html

http://www.osvdb.org/28233

http://secunia.com/advisories/21573

http://www.osvdb.org/28273

http://www.vupen.com/english/advisories/2006/3388

https://people.canonical.com/~ubuntu-security/cve/CVE-2006-4433

Do you need more information?

CVSS v4

Base Score:

6.9

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

LOW

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

CVSS v2

Base Score:

7.5

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

EPSS

Base Score:

2.83

Products

Solutions

Resources

Company

Compare

Developer Tools