Signature Detail
Short Name |
HTTP:PHP:UPLOAD-LOCATION |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP Arbitrary File Upload Location |
Release Date |
2004/11/17 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: PHP Arbitrary File Upload Location
This signature detects a maliciously crafted HTTP POST request. Attackers can use a directory traversal attack within the Content-Disposition field of a POST request to force PHP to execute arbitrary code.
Extended Description
Reportedly PHP is vulnerable to an arbitrary location file upload vulnerability. This issue is due to a failure of the PHP application to properly sanitize user-supplied file name input. An attacker may exploit this issue to upload files to an arbitrary location on a computer running the affected software. This may facilitate arbitrary server-side script code execution as well as other attacks. It is reported that this issue only affects PHP versions 4.2.0 and subsequent.
Affected Products
- Gentoo Linux 0.5.0
- Gentoo Linux 0.7.0
- Gentoo Linux 1.1.0 A
- Gentoo Linux 1.2.0
- Gentoo Linux 1.4.0
- Gentoo Linux 1.4.0 _rc1
- Gentoo Linux 1.4.0 _rc2
- Gentoo Linux 1.4.0 _rc3
- PHP 4.0.0 0
- PHP 4.0.1
- PHP 4.0.2
- PHP 4.0.3
- PHP 4.0.4
- PHP 4.0.5
- PHP 4.0.6
- PHP 4.0.7
- PHP 4.1.0 .0
- PHP 4.1.1
- PHP 4.1.2
- PHP 4.2.0 .0
- PHP 4.2.1
- PHP 4.2.2
- PHP 4.2.3
- PHP 4.3.0
- PHP 4.3.1
- PHP 4.3.2
- PHP 4.3.3
- PHP 4.3.4
- PHP 4.3.5
- PHP 4.3.6
- PHP 4.3.7
- PHP 4.3.8
- PHP 5.0.0 .0
- PHP 5.0.1
- Red Hat Fedora Core1
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 9.0.0 I386
- SGI ProPack 3.0.0
References
- BugTraq: 11190
- CVE: CVE-2013-6221
- CVE: CVE-2004-0959
- URL: http://www.securityfocus.com/archive/1/376865
- URL: http://www.securityfocus.com/archive/1/375370