PHP < 5.0.6 GLOBAL Variable Overwrite

High Log Correlation Engine Plugin ID 801113

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running a version of PHP that is older than 5.0.6. This version has a flaw where remote attackers can reenable the 'register_globals' parameter. In addition, a remote attacker may be able to overwrite the 'GLOBAL' variable. This may lead to another more serious exploitation.

Solution

Upgrade to version 5.0.6 or higher.

See Also

http://.php.net/release_4_4_1.php

Plugin Details

Severity: High

ID: 801113

File Name: 801113.prm

Family: Web Servers

Risk Information

Risk Factor: High

CVSSv2

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Exploitable With

Metasploit (Mail.app Image Attachment Command Execution)

Reference Information

CVE: CVE-2006-0395, CVE-2005-2713, CVE-2005-2714, CVE-2005-3319, CVE-2005-3353, CVE-2005-3389, CVE-2005-3706, CVE-2005-3712, CVE-2005-4217, CVE-2005-4504, CVE-2006-0383, CVE-2006-0384, CVE-2006-0386, CVE-2006-0387, CVE-2006-0388, CVE-2006-0389, CVE-2006-0391, CVE-2006-3016, CVE-2006-3018, CVE-2005-3883, CVE-2006-3017, CVE-2005-3390, CVE-2005-3392, CVE-2005-3391

BID: 15250, 15249, 15411, 15413, 15571, 16907, 17843