Signature Detail

Short Name	HTTP:PHP:CMD-INJ
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	PHP Command Injection
Release Date	2008/12/11
Update Number	1330
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHP Command Injection

This signature detects Web downloads containing a potentially dangerous PHP script. A malicious site can exploit a known vulnerability in multiple PHP applications and execute arbitrary PHP commands on the victim's server.

Extended Description

phpMyAdmin is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible. Versions prior to phpMyAdmin 2.11.9.5 and 3.1.3.1 are vulnerable.

Affected Products

Debian Linux 4.0
Debian Linux 4.0 Alpha
Debian Linux 4.0 Amd64
Debian Linux 4.0 Arm
Debian Linux 4.0 Armel
Debian Linux 4.0 Hppa
Debian Linux 4.0 Ia-32
Debian Linux 4.0 Ia-64
Debian Linux 4.0 M68k
Debian Linux 4.0 Mips
Debian Linux 4.0 Mipsel
Debian Linux 4.0 Powerpc
Debian Linux 4.0 S/390
Debian Linux 4.0 Sparc
Debian Linux 5.0
Debian Linux 5.0 Alpha
Debian Linux 5.0 Amd64
Debian Linux 5.0 Arm
Debian Linux 5.0 Armel
Debian Linux 5.0 Hppa
Debian Linux 5.0 Ia-32
Debian Linux 5.0 Ia-64
Debian Linux 5.0 M68k
Debian Linux 5.0 Mips
Debian Linux 5.0 Mipsel
Debian Linux 5.0 Powerpc
Debian Linux 5.0 S/390
Debian Linux 5.0 Sparc
Gentoo Linux
Mandriva Corporate Server 4.0
Mandriva Corporate Server 4.0.0 X86 64
phpMyAdmin 2.11.1
phpMyAdmin 2.11.1.1
phpMyAdmin 2.11.1.2
phpMyAdmin 2.11.2.1
phpMyAdmin 2.11.2.2
phpMyAdmin 2.11.4
phpMyAdmin 2.11.5
phpMyAdmin 2.11.5.1
phpMyAdmin 2.11.5.2
phpMyAdmin 2.11.7
phpMyAdmin 2.11.8
phpMyAdmin 2.11.8.1
phpMyAdmin 2.11.9
phpMyAdmin 2.11.9 .1
phpMyAdmin 2.11.9.2
phpMyAdmin 2.11.9.3
phpMyAdmin 2.11.9 4
phpMyAdmin 2.2.3
phpMyAdmin 2.2.6
phpMyAdmin 2.5.1
phpMyAdmin 2.5.4
phpMyAdmin 2.5.5
phpMyAdmin 2.5.5 Pl1
phpMyAdmin 2.5.5 -Rc1
phpMyAdmin 2.5.5 -Rc2
phpMyAdmin 2.5.6 -Rc1
phpMyAdmin 2.5.7
phpMyAdmin 2.6.0
phpMyAdmin 2.6.0 .0Pl1
phpMyAdmin 2.6.0 .0Pl2
phpMyAdmin 2.6.0 .0Pl3
phpMyAdmin 2.6.1
phpMyAdmin 2.6.1 Pl1
phpMyAdmin 2.6.1 Pl3
phpMyAdmin 2.6.1 -Rc1
phpMyAdmin 2.6.2
phpMyAdmin 2.6.2 -Rc1
phpMyAdmin 2.6.3 -Pl1
phpMyAdmin 2.6.4 -Pl1
phpMyAdmin 2.6.4 -Pl3
phpMyAdmin 2.6.4 -Pl4
phpMyAdmin 2.6.4 -Rc1
phpMyAdmin 2.7.0
phpMyAdmin 2.7.0 .0-Beta1
phpMyAdmin 2.7.0 -Pl1
phpMyAdmin 2.7.0-Pl2
phpMyAdmin 2.8.0 .1
phpMyAdmin 2.8.0 .3
phpMyAdmin 2.8.0 .4
phpMyAdmin 2.8.1
phpMyAdmin 2.8.2
phpMyAdmin 3.0.0
phpMyAdmin 3.0.1
phpMyAdmin 3.0.1.1
phpMyAdmin 3.1.1 0
Red Hat Fedora 10
Red Hat Fedora 9
SuSE openSUSE 10.3
SuSE openSUSE 11.0

References

BugTraq: 30135
BugTraq: 35467
BugTraq: 34236
CVE: CVE-2008-6825
CVE: CVE-2009-1151
URL: http://www.juniper.net/security/auto/vulnerabilities/vuln35467.html

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: PHP Command Injection

Extended Description

Affected Products

References