Short Name |
HTTP:PHP:GIF-HEADER-EVASION |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP With GIF Header Evasion Command Execution |
Release Date |
2012/06/05 |
Update Number |
2146 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects PHP files with GIF image headers. WordPress blogs which use the "TimThumb" graphics manipulation library are vulnerable to PHP command execution when such files are passed to them for processing. This vulnerability is being actively exploited by BotNets as of June 2012.