GEN:SID | 1:2368 |
Message | WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in the PHP web application PhpGedView.
|
Impact | Execution of arbitrary code on the affected system
|
Detailed Information | PhpGedView contains a flaw such that it may be possible for an attacker to include code of their choosing by manipulating the PGV_BASE_DIRECTORY parameter when making a GET or POST request to a vulnerable system.
It may be possible for an attacker to execute that code with the privileges of the user running the webserver, usually root.
|
Affected Systems | PhpGedView 2.65.1 and earlier |
Attack Scenarios | An attacker can make a request to an affected script and define their own path to the PGV_BASE_DIRECTORY variable.
|
Ease of Attack | Simple. No exploit software required.
|
Corrective Action | Apply the appropriate vendor supplied patches
Upgrade to the latest non-affected version of the software
|
Additional References | |
Rule References | bugtraq: 9368
cve: 2004-0030
|