Signature Detail

HTTP: Apache mod_php php_mime_split Heap Overflow

This signature detects attempts to exploit a known vulnerability against mod_php in Apache. Attackers can send a maliciously crafted HTTP POST request to execute arbitrary code on the affected server.

Extended Description

PHP is a widely deployed scripting language, designed for web based development and CGI programming. PHP does not perform proper bounds checking on in functions related to Form-based File Uploads in HTML (RFC1867). Specifically, this problem occurs in the functions which are used to decode MIME encoded files. As a result, it may be possible to overrun the buffer used for the vulnerable functions to cause arbitrary attacker-supplied instructions to be executed. PHP is invoked through webservers remotely. It may be possible for remote attackers to execute this vulnerability to gain access to target systems. A vulnerable PHP interpreter module is available for Apache servers that is often enabled by default.

Affected Products

• Kasenna mediabase 4.0.1
• Php php 3.0.0 0
• Php php 3.0.0 .10
• Php php 3.0.0 .11
• Php php 3.0.0 .12
• Php php 3.0.0 .13
• Php php 3.0.0 .16
• Php php 3.0.1
• Php php 3.0.10
• Php php 3.0.11
• Php php 3.0.12
• Php php 3.0.13
• Php php 3.0.14
• Php php 3.0.15
• Php php 3.0.16
• Php php 3.0.17
• Php php 3.0.18
• Php php 3.0.2
• Php php 3.0.3
• Php php 3.0.4
• Php php 3.0.5
• Php php 3.0.6
• Php php 3.0.7
• Php php 3.0.8
• Php php 3.0.9
• Php php 4.0.0 0
• Php php 4.0.1
• Php php 4.0.1 Pl1
• Php php 4.0.1 Pl2
• Php php 4.0.2
• Php php 4.0.3
• Php php 4.0.3 Pl1
• Php php 4.0.4
• Php php 4.0.5
• Php php 4.0.6
• Php php 4.0.7
• Php php 4.0.7 RC1
• Php php 4.0.7 RC2
• Php php 4.0.7 RC3
• Php php 4.1.0 .0
• Php php 4.1.1

References

• BugTraq: 4183
• CVE: CVE-2002-0081
• URL: http://www.juniper.net/security/auto/vulnerabilities/vuln1085.html