Signature Detail

HTTP: pMachine Remote PHP Include

This signature detects attempts to exploit a known vulnerability in pMachine, an online publishing application. pMachine version 2.2.1 and other versions are vulnerable. Attackers can send a malicious HTTP request to force the pMachine Web server to execute PHP code from a remote server; commands are executed with Web server privileges.

Extended Description

It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands.

Affected Products

• PMachine 2.2.1

References

• BugTraq: 7919
• CVE: CVE-2003-1086
• URL: http://securityresponse.symantec.com/avcenter/security/Content/7919.html
• URL: http://www.k-otik.net/bugtraq/06.10.pMachine.php