Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PHP:PHPFORUM-INC

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 php include phpforum

Release Date

 2003/10/08

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHPForum MAIN_PATH Remote File Include


This signature detects an attempt to force PHP Forum to include and execute PHP code from a remote Web server. The vulnerability was shown to be present in PHPForum version 2 RC1.

Extended Description

phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of the web server process.

Affected Products

  • phpForum 2.0.0 RC1

References

  • BugTraq: 8158
  • URL: http://www.securityfocus.com/archive/1/328675
  • URL: http://www.phpmyforum.de/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out