HTTP: PHP Escapeshell Command Execution
This signature detects attempts to exploit a known vulnerability in PHP. A successful attack allows attackers to execute commands by inserting escape commands due to improper input validation.
Extended Description
PHP is reportedly prone to a command execution vulnerability in its shell escape functions. This issue is due to a failure of PHP to properly sanitize function arguments. This issue might allow an attacker to execute arbitrary shell commands on a computer running the vulnerable software within the security context of the web server; potentially leading to unauthorized access. Other attacks are also possible. This issue is reported to affect PHP under Microsoft Windows version 4.3.3 and 4.3.5, it is likely that other Microsoft Windows versions are affected as well.
Affected Products
Php php
References
BugTraq: 10471
Short Name
HTTP:PHP:PHPESCSHELL
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Command Escapeshell Execution PHP bid:10471
Release Date
05/04/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Occasionally
Vendors
Php