Security Portal

Intrusion Prevention Service

Signature Version: 4.966


WEB http-php_strings_exploit-atstake
Threat Level: Critical
Release Date: 2006/11/8
Category: Access Control
Signature ID: 1050128
Included In:
Affected OS: Linux
Description: This event indicates that a remote user has attempted to exploit a buffer overflow vulnerability in PHP on a web server. PHP versions prior to 4.0.3 are vulnerable to a format string bug.
Impact: Remote code execution
Recommendation: Update vendor's patch.
False Positive: None
False Negative: None
Additional Information (Links open in new window):
Reference(s): BID:1786; CVE-2000-unknown

Search the Threat Database
Enter Rule ID or Name