Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PHP:PHPLIB-REMOTE-EXEC

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 PHPLIB Remote Script Execution

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHPLIB Remote Script Execution


This signature detects attempts to exploit a known vulnerability in PHPLILB, a code library that provides support for managing sessions in Web applications. Attackers can remotely submit maliciously crafted Web requests to cause the application to fetch and execute scripts from another host, thereby allowing local access to the Web server.

Extended Description

The PHP Base Library('PHPLIB') is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be using it without the knowledge of the administrator. A problem in PHPLIB will allow remote attackers to submit malicious input in web requests that will cause the application to fetch and then execute scripts from another host. This may allow for attackers to gain local access to the webserver.

Affected Products

  • PHPLib Team PHPLIB 7.2.0
  • PHPLib Team PHPLIB 7.2.0 b
  • PHPLib Team PHPLIB 7.2.0 c
  • PHPLib Team PHPLIB 7.2.1

References

  • BugTraq: 3079
  • CVE: CVE-2001-1370

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out