HTTP: PHP FPM Remote Code Execution
This signature detects attempts to exploit a known vulnerability against PHP FPM. A successful attack can lead to arbitrary code execution.
Extended Description
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
Affected Products
Redhat enterprise_linux_for_power_little_endian_eus
References
CVE: CVE-2019-11043
Short Name
HTTP:CTS:PHP-FPM-RCE
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2019-11043 Code Execution FPM PHP Remote
Release Date
11/12/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Redhat
Fedoraproject
Php
Debian
Tenable
Canonical
CVSS Score
7.5