phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2008-6132
Data do informe: 21 julho 2015
Descrição
phpScheduleIt is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1005916
Trend Micro Deep Security DPI Rule Name: 1005916 - phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
Software infectado e versão:
- brickhost phpscheduleit 1.0
- brickhost phpscheduleit 1.0.0rc1
- brickhost phpscheduleit 1.0_rc1
- brickhost phpscheduleit 1.2.0
- brickhost phpscheduleit 1.2.1
- brickhost phpscheduleit 1.2.10
- brickhost phpscheduleit 1.2.2
- brickhost phpscheduleit 1.2.3
- brickhost phpscheduleit 1.2.4
- brickhost phpscheduleit 1.2.5
- brickhost phpscheduleit 1.2.6
- brickhost phpscheduleit 1.2.7
- brickhost phpscheduleit 1.2.8
- brickhost phpscheduleit 1.2.9