Signature Detail

Short Name	HTTP:PHP:PHORUM:READ-ACCESS
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Phorum Read Access
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Phorum Read Access

This signature detects access to the vulnerable read.php3 script installed with Phorum. Because the script does not validate input, attackers can execute arbitrary SQL statements to modify the database contents, insert new entries, create and drop tables, etc.

Extended Description

By sending a specially-crafted URL request, an attacker could execute arbitrary SQL commands on the server.

References

CVE: CVE-2000-1233
URL: http://www.securiteam.com/exploits/3K5QDS0QAS.html
URL: http://www.cgisecurity.com/archive/php/phorum.shtml

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Phorum Read Access

Extended Description

References