HTTP: eGroupware File Inclusion
This signature detects attempts to exploit a known local and remote file inclusion vulnerabilities in eGroupware. It is due to insufficient validation of user-supplied input. A remote attacker can exploit this by enticing a target to open a malicious URL link. A successful attack can result in arbitrary code execution and/or loss of sensitive information.
Extended Description
eGroupware is prone to a URI-redirection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary local files within the context of the webserver process or redirect users to a potentially malicious site. This may aid in phishing attacks or allow the attacker to compromise the application; other attacks are also possible. eGroupware 1.8.001.20110421 is vulnerable; other versions may also be affected.
Affected Products
Egroupware egroupware
Short Name
HTTP:PHP:EGROUPWARE-FI
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
File Inclusion bid:47968 eGroupware
Release Date
06/06/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Egroupware