GEN:SID | 1:2286 |
Message | WEB-PHP friends.php access |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in a PHP web application running on a server.
|
Impact | Unauthorized electronic mail relaying.
|
Detailed Information | This event is generated when an attempt is made to access the script friends.php included in the PHP application vbPortal. This may indicate an attempt to use the server as an email relay.
|
Affected Systems | All systems running the PHP application vbPortal
|
Attack Scenarios | The attacker could access the friends.php script directly to send spam email to thousands of recipients using the server as a relay.
|
Ease of Attack | Simple. Exploits exist.
|
Corrective Action | Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.
|
Additional References | |
Rule References | bugtraq: 9088
|