Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PHP:PHPNUKE:VIEWADMIN

Severity

 Low

Recommended

 No

Category

 HTTP

Keywords

 PHP-Nuke ViewAdmin Page Unauthorized Access

Release Date

 2004/09/08

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHP-Nuke ViewAdmin Page Unauthorized Access


This signature detects attempts to make changes to the PHP-Nuke database. Attackers can make changes to the database by exploiting a vulnerability in the way PHP-Nuke parses certain HTTP POST requests to admin.php.

Extended Description

Successful exploitation of this vulnerability would allow attackers to elevate their privilege to Superuser level. Once this is achieved, the entire PHP-Nuke system could be compromised by an attacker modifying configuration details, modifying or deleting user accounts, or defacing content.

References

  • CVE: CVE-2004-1932
  • URL: http://archives.neohapsis.com/archives/bugtraq/2004-09/0041.html
  • URL: http://www.waraxe.us/index.php?modname=sa&id=18

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out