Trend Micro Security

phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability

2015年7月21日
  危険度: :
  CVE識別番号: CVE-2008-6132

  概要

phpScheduleIt is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1005916
  Trend Micro Deep Security DPI Rule Name: 1005916 - phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability

  影響を受けるソフトウェア

  • brickhost phpscheduleit 1.0
  • brickhost phpscheduleit 1.0.0rc1
  • brickhost phpscheduleit 1.0_rc1
  • brickhost phpscheduleit 1.2.0
  • brickhost phpscheduleit 1.2.1
  • brickhost phpscheduleit 1.2.10
  • brickhost phpscheduleit 1.2.2
  • brickhost phpscheduleit 1.2.3
  • brickhost phpscheduleit 1.2.4
  • brickhost phpscheduleit 1.2.5
  • brickhost phpscheduleit 1.2.6
  • brickhost phpscheduleit 1.2.7
  • brickhost phpscheduleit 1.2.8
  • brickhost phpscheduleit 1.2.9