Signature Detail
Short Name |
HTTP:MISC:FREEPBX-AUTH-BYPASS |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
FreePBX unserialize Legacy Package Authentication Bypass |
Release Date |
2014/12/09 |
Update Number |
2449 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: FreePBX unserialize Legacy Package Authentication Bypass
This signature detects attempts to exploit a known vulnerability against FreePBX. A successful attack can lead to arbitrary code execution.
References
- BugTraq: 70188
- CVE: CVE-2014-7235
- URL: http://www.freepbx.org/node/92822