PHP Error Log Format String Command Injection

medium Nessus Plugin ID 10535

Synopsis

Arbitrary code might be run on the remote host.

Description

The version of PHP that is running on the remote host is older than 3.0.17 or 4.0.3.

If the option 'log_errors' is set to 'On' in php.ini, then an attacker may execute arbitrary code on this host.

Solution

Make sure that 'log_errors' is set to 'Off' in your php.ini, or install the latest version of PHP.

Plugin Details

Severity: Medium

ID: 10535

File Name: php_log.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 10/14/2000

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:php:php

Exploit Ease: No exploit is required

Vulnerability Publication Date: 10/14/2000

Reference Information

CVE: CVE-2000-0967

BID: 1786

Detections

Analytics