CVE-2006-3016 Information
Description
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors related to "certain characters in session names", including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
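The note above points at the one concrete defensive expectation in this record: that a session name is alphanumeric. The following is an added example, not code from the CVE record or from the PHP project, showing how an application can enforce that expectation before passing a name to session_name(). The function name safe_session_name, the 64-character limit, the fallback value and the sample inputs are all assumptions constructed for the example.

```php
<?php
// Added example (not from the CVE record or the PHP project): validate a
// session name against the alphanumeric expectation before calling
// session_name(). The candidate name is assumed to come from configuration
// or request input.

function safe_session_name(string $requested, string $fallback = 'PHPSESSID'): string
{
    // Accept only names that start with a letter and contain letters and
    // digits, 1 to 64 characters long (limit chosen for this example).
    // Anything else, including CR/LF, quotes, angle brackets or spaces,
    // is replaced by a known-good fallback.
    if (preg_match('/^[A-Za-z][A-Za-z0-9]{0,63}$/', $requested) === 1) {
        return $requested;
    }
    return $fallback;
}

// Constructed inputs for illustration; true means the input should be kept.
$cases = [
    'MYAPPSESSID'          => true,
    "sid\r\nSet-Cookie: x" => false,   // CRLF characters (response splitting style)
    "sid' OR 1=1"          => false,   // quote characters (SQL injection style)
    '<script>'             => false,   // markup (XSS style)
    '12345'                => false,   // does not start with a letter
    ''                     => false,   // empty
];

foreach ($cases as $input => $expectKept) {
    $chosen = safe_session_name($input);
    $kept   = ($chosen === $input);
    printf("%-28s -> %-12s %s\n",
        json_encode($input),
        $chosen,
        $kept === $expectKept ? 'ok' : 'UNEXPECTED');
}

// Typical use: the name is validated before it reaches session.c at all.
session_name(safe_session_name($_GET['sess'] ?? 'PHPSESSID'));
```

Validating on the application side does not depend on which PHP version is installed, so it remains useful after upgrading to 5.1.3 or later; the fallback keeps the application working instead of failing when an unexpected name arrives.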
References
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://rhn.redhat.com/errata/RHSA-2006-0736.html
http://secunia.com/advisories/19927
http://secunia.com/advisories/21050
http://secunia.com/advisories/22004
http://secunia.com/advisories/22069
http://secunia.com/advisories/22225
http://secunia.com/advisories/22440
http://secunia.com/advisories/22487
http://secunia.com/advisories/23247
http://securitytracker.com/id?1016306
http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
http://www.osvdb.org/25253
http://www.php.net/release_5_1_3.php
http://www.redhat.com/support/errata/RHSA-2006-0669.html
http://www.redhat.com/support/errata/RHSA-2006-0682.html
http://www.securityfocus.com/archive/1/447866/100/0/threaded
http://www.securityfocus.com/bid/17843
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://www.ubuntu.com/usn/usn-320-1
https://issues.rpath.com/browse/RPL-683
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10597