PHP < 4.1.2 POST Request file_upload Overflow

High Log Correlation Engine Plugin ID 801094

Synopsis

N/A

Description

The remote host is running a version of PHP which is older than 4.1.2. This version contains a bug which the handling functions of data of type multipart/form-data, which may allow an attacker to gain a shell on this host.

Solution

Upgrade to PHP 4.1.2 or higher.

Plugin Details

Severity: High

ID: 801094

File Name: 801094.prm

Family: Web Servers

Risk Information

Risk Factor: High

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2002-0081

BID: 4183