Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:OPENX-AD-SERVER-PHP-CE
Severity	Major
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	OpenX Ad Server Backdoor Arbitrary PHP Code Execution
Release Date	2013/11/26
Update Number	2322
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: OpenX Ad Server Backdoor Arbitrary PHP Code Execution

This signature detects attempts to exploit a known vulnerability against OpenX Ad Server. Attackers can execute arbitrary PHP code on targeted system.

Extended Description

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

Affected Products

Openx openx 2.8.10

References

BugTraq: 61650
CVE: CVE-2013-4211
URL: http://www.heise.de/security/meldung/Achtung-Anzeigen-Server-OpenX-enthaelt-eine-Hintertuer-1929769.html
URL: http://forum.openx.org/index.php?showtopic=503521628

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: OpenX Ad Server Backdoor Arbitrary PHP Code Execution

Extended Description

Affected Products

References