Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:PHP:PHPRPC-EXEC

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 phpRPC Library Remote Code Execution

Release Date

 2006/04/25

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: phpRPC Library Remote Code Execution


This signature detects a HTTP POST request containing maliciously crafted XML code. By including some PHP code in a <base64> XML tag, a client can cause arbitrary php code to be executed on the server.

Extended Description

phpRPC is prone to a remote code-execution vulnerability. This issue exists because the library fails to adequately sanitize user-supplied data. PHP scripts that implement the phpRPC library, such as RunCMS, may also be affected by this issue.

Affected Products

  • Phprpc phprpc 0.7
  • Phprpc phprpc 0.8
  • Phprpc phprpc 0.9
  • Runcms runcms 1.1.0
  • Runcms runcms 1.1.0 A
  • Runcms runcms 1.2.0
  • Runcms runcms 1.3.a
  • Runcms runcms 1.3.a2
  • Runcms runcms 1.3.a5

References

  • BugTraq: 16833
  • URL: http://sourceforge.net/projects/phprpc/
  • URL: http://www.securiteam.com/exploits/5PP041PI0Y.html
  • URL: http://www.gulftech.org/?node=research&article_id=00105-02262006

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out