Signature Detail
Short Name |
HTTP:PHP:CEDRIC-EMAIL-PHPINC1 |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
cedric email php http include |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Cedric Email Reader Remote PHP Code Inclusion (1)
This signature detects attempts to exploit a known vulnerability in Cedric Email Reader. Cedric Email Reader versions 0.2, 0.3, and 0.4 are vulnerable. Attackers can exploit the email.php script to execute arbitrary code with the PHP script user privilege of the HTTP daemon.
Extended Description
Remote attackers could execute arbitrary code using the privileges of the logged in user.
References