HTTP: PHPLIB Remote Script Execution
This signature detects attempts to exploit a known vulnerability in PHPLILB, a code library that provides support for managing sessions in Web applications. Attackers can remotely submit maliciously crafted Web requests to cause the application to fetch and execute scripts from another host, thereby allowing local access to the Web server.
Extended Description
The PHP Base Library('PHPLIB') is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be using it without the knowledge of the administrator. A problem in PHPLIB will allow remote attackers to submit malicious input in web requests that will cause the application to fetch and then execute scripts from another host. This may allow for attackers to gain local access to the webserver.
Affected Products
Phplib_team phplib
Short Name
HTTP:PHP:PHPLIB-REMOTE-EXEC
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2001-1370 Execution PHPLIB Remote Script bid:3079
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Phplib_team
CVSS Score
10.0