Juniper Networks

Signature Detail


Short Name

HTTP:PHP:STRIP-TAGS-XSS

Severity

Medium

Recommended

No

Recommended Action

Drop

Category

HTTP

Keywords

PHP strip_tags Cross-Site Scripting

Release Date

2013/07/01

Update Number

2277

Supported Platforms

idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHP strip_tags Cross-Site Scripting


This signature detects attempts to exploit a known cross-site scripting vulnerability in PHP. The vulnerability is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

It is reported that PHP's strip_tags() function can be bypassed: under certain circumstances, strip_tags() improperly leaves malformed tags in place. This vulnerability may mean that web applications previously presumed safe could contain multiple cross-site scripting and HTML injection vulnerabilities when viewed in the Microsoft Internet Explorer or Apple Safari web browsers. It is reported that 'magic_quotes_gpc' must be off for PHP to be vulnerable to this issue.

Affected Products

  • Apple Mac OS X 10.0.0
  • Apple Mac OS X 10.0.0 3
  • Apple Mac OS X 10.0.1
  • Apple Mac OS X 10.0.2
  • Apple Mac OS X 10.0.3
  • Apple Mac OS X 10.0.4
  • Apple Mac OS X 10.1.0
  • Apple Mac OS X 10.1.1
  • Apple Mac OS X 10.1.2
  • Apple Mac OS X 10.1.3
  • Apple Mac OS X 10.1.4
  • Apple Mac OS X 10.1.5
  • Apple Mac OS X 10.2.0
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.3.0
  • Apple Mac OS X 10.3.1
  • Apple Mac OS X 10.3.2
  • Apple Mac OS X 10.3.3
  • Apple Mac OS X 10.3.4
  • Apple Mac OS X 10.3.5
  • Apple Mac OS X 10.3.6
  • Apple Mac OS X 10.3.7
  • Apple Mac OS X Server 10.0.0
  • Apple Mac OS X Server 10.1.0
  • Apple Mac OS X Server 10.1.1
  • Apple Mac OS X Server 10.1.2
  • Apple Mac OS X Server 10.1.3
  • Apple Mac OS X Server 10.1.4
  • Apple Mac OS X Server 10.1.5
  • Apple Mac OS X Server 10.2.0
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.8
  • Apple Mac OS X Server 10.3.0
  • Apple Mac OS X Server 10.3.1
  • Apple Mac OS X Server 10.3.2
  • Apple Mac OS X Server 10.3.3
  • Apple Mac OS X Server 10.3.4
  • Apple Mac OS X Server 10.3.5
  • Apple Mac OS X Server 10.3.6
  • Apple Mac OS X Server 10.3.7
  • Avaya Converged Communications Server 2.0.0
  • Avaya Integrated Management
  • Avaya S8300 R2.0.0
  • Avaya S8300 R2.0.1
  • Avaya S8500 R2.0.0
  • Avaya S8500 R2.0.1
  • Avaya S8700 R2.0.0
  • Avaya S8700 R2.0.1
  • HP HP-UX B.11.00
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP HP-UX B.11.23
  • PHP 4.0.0 0
  • PHP 4.0.1
  • PHP 4.0.2
  • PHP 4.0.3
  • PHP 4.0.4
  • PHP 4.0.5
  • PHP 4.0.6
  • PHP 4.0.7
  • PHP 4.1.0 .0
  • PHP 4.1.1
  • PHP 4.1.2
  • PHP 4.2.0 .0
  • PHP 4.2.1
  • PHP 4.2.2
  • PHP 4.2.3
  • PHP 4.3.0
  • PHP 4.3.1
  • PHP 4.3.2
  • PHP 4.3.3
  • PHP 4.3.5
  • PHP 4.3.6
  • PHP 4.3.7
  • PHP 5.0.0 Candidate 1
  • PHP 5.0.0 Candidate 2
  • PHP 5.0.0 Candidate 3
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux WS 3
  • Red Hat Fedora Core 1
  • Red Hat Fedora Core 2
  • Red Hat Stronghold 4.0.0
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 8.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • Slackware Linux -Current
  • Trustix Secure Enterprise Linux 2.0.0
  • Trustix Secure Linux 1.5.0
  • Trustix Secure Linux 2.0.0
  • Trustix Secure Linux 2.1.0

References

  • BugTraq: 10724
  • CVE: CVE-2004-0595

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.