This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:PHP:CMD-INJ
|
Severity |
Major
|
Recommended |
No
|
Category |
HTTP
|
Keywords |
PHP Command Injection
|
Release Date |
2008/12/11
|
Update Number |
1330
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: PHP Command Injection
This signature detects Web downloads containing a potentially dangerous PHP script. A malicious site can exploit a known vulnerability in multiple PHP applications and execute arbitrary PHP commands on the victim's server.
Extended Description
phpMyAdmin is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
Versions prior to phpMyAdmin 2.11.9.5 and 3.1.3.1 are vulnerable.
Affected Products
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Armel
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Gentoo linux
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Phpmyadmin phpmyadmin 2.11.1
- Phpmyadmin phpmyadmin 2.11.1.1
- Phpmyadmin phpmyadmin 2.11.1.2
- Phpmyadmin phpmyadmin 2.11.2.1
- Phpmyadmin phpmyadmin 2.11.2.2
- Phpmyadmin phpmyadmin 2.11.4
- Phpmyadmin phpmyadmin 2.11.5
- Phpmyadmin phpmyadmin 2.11.5.1
- Phpmyadmin phpmyadmin 2.11.5.2
- Phpmyadmin phpmyadmin 2.11.7
- Phpmyadmin phpmyadmin 2.11.8
- Phpmyadmin phpmyadmin 2.11.8.1
- Phpmyadmin phpmyadmin 2.11.9
- Phpmyadmin phpmyadmin 2.11.9 .1
- Phpmyadmin phpmyadmin 2.11.9.2
- Phpmyadmin phpmyadmin 2.11.9.3
- Phpmyadmin phpmyadmin 2.11.9 4
- Phpmyadmin phpmyadmin 2.2.3
- Phpmyadmin phpmyadmin 2.2.6
- Phpmyadmin phpmyadmin 2.5.1
- Phpmyadmin phpmyadmin 2.5.4
- Phpmyadmin phpmyadmin 2.5.5
- Phpmyadmin phpmyadmin 2.5.5 Pl1
- Phpmyadmin phpmyadmin 2.5.5 -Rc1
- Phpmyadmin phpmyadmin 2.5.5 -Rc2
- Phpmyadmin phpmyadmin 2.5.6 -Rc1
- Phpmyadmin phpmyadmin 2.5.7
- Phpmyadmin phpmyadmin 2.6.0
- Phpmyadmin phpmyadmin 2.6.0 .0Pl1
- Phpmyadmin phpmyadmin 2.6.0 .0Pl2
- Phpmyadmin phpmyadmin 2.6.0 .0Pl3
- Phpmyadmin phpmyadmin 2.6.1
- Phpmyadmin phpmyadmin 2.6.1 Pl1
- Phpmyadmin phpmyadmin 2.6.1 Pl3
- Phpmyadmin phpmyadmin 2.6.1 -Rc1
- Phpmyadmin phpmyadmin 2.6.2
- Phpmyadmin phpmyadmin 2.6.2 -Rc1
- Phpmyadmin phpmyadmin 2.6.3 -Pl1
- Phpmyadmin phpmyadmin 2.6.4 -Pl1
- Phpmyadmin phpmyadmin 2.6.4 -Pl3
- Phpmyadmin phpmyadmin 2.6.4 -Pl4
- Phpmyadmin phpmyadmin 2.6.4 -Rc1
- Phpmyadmin phpmyadmin 2.7.0
- Phpmyadmin phpmyadmin 2.7.0 .0-Beta1
- Phpmyadmin phpmyadmin 2.7.0 -Pl1
- Phpmyadmin phpmyadmin 2.7.0-Pl2
- Phpmyadmin phpmyadmin 2.8.0 .1
- Phpmyadmin phpmyadmin 2.8.0 .3
- Phpmyadmin phpmyadmin 2.8.0 .4
- Phpmyadmin phpmyadmin 2.8.1
- Phpmyadmin phpmyadmin 2.8.2
- Phpmyadmin phpmyadmin 3.0.0
- Phpmyadmin phpmyadmin 3.0.1
- Phpmyadmin phpmyadmin 3.0.1.1
- Phpmyadmin phpmyadmin 3.1.1 0
- Red_hat fedora 10
- Red_hat fedora 9
- Suse opensuse 10.3
- Suse opensuse 11.0
References