Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PHP:PHORUM:REMOTE-EXEC

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Phorum Remote PHP File Inclusion

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Phorum Remote PHP File Inclusion


This signature detects attempts to exploit a known vulnerability in the PHP Phorum bulletin board system. A successful attack can allow attackers to remotely execute arbitrary commands with HTTP server privileges.

Extended Description

Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems. A vulnerability has been reported in Phorum that will allow remote attackers to specify external PHP scripts and potentially execute commands. The vulnerability exists in 'plugin.php','admin.php' and 'del.php' files found in the distribution of Phorum. It is possible for a malicious attacker to specify the location of a parameter to the vulnerable PHP files by passing an argument via URL to the PHP files.

Affected Products

  • Phorum 3.3.2 a

References

  • BugTraq: 4763
  • CVE: CVE-2002-0764

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out