PHP rfc1867.c $_FILES Array Crafted MIME Header Arbitrary File Upload

low Nessus Plugin ID 14770

Synopsis

Arbitrary files may be uploaded on the remote host.

Description

The remote host is running a version of PHP that is older than 4.3.9 or 5.0.2.

The remote version of this software is affected by an unspecified file upload vulnerability that could allow a local attacker to upload arbitrary files to the server.

** This flaw can only be exploited locally.

Solution

Upgrade to PHP 4.3.9 or 5.0.2 or later.

Plugin Details

Severity: Low

ID: 14770

File Name: php_arbitrary_file_upload.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 9/17/2004

Updated: 5/31/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:php:php

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 9/15/2004

Reference Information

CVE: CVE-2004-0959

BID: 11190

RHSA: 2004:687