Signature Detail
Short Name |
HTTP:PHP:PHPESCSHELL |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP EscapeShell |
Release Date |
2009/05/04 |
Update Number |
1419 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: PHP Escapeshell Command Execution
This signature detects attempts to exploit a known vulnerability in PHP. A successful attack allows attackers to execute commands by inserting escape commands due to improper input validation.
Extended Description
PHP is reportedly prone to a command execution vulnerability in its shell escape functions. This issue is due to a failure of PHP to properly sanitize function arguments. This issue might allow an attacker to execute arbitrary shell commands on a computer running the vulnerable software within the security context of the web server; potentially leading to unauthorized access. Other attacks are also possible. This issue is reported to affect PHP under Microsoft Windows version 4.3.3 and 4.3.5, it is likely that other Microsoft Windows versions are affected as well.
Affected Products
- PHP 4.3.3
- PHP 4.3.5
References
- BugTraq: 10471