The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file. Access Complexity selected medium according to the information from X-force link regarding enabling "open_basedir" option.
http://xforce.iss.net/xforce/xfdb/53568
Publication date: Mon, 23 Nov 2009 23:30:00 +0000