Intrusion PreventionphpBB.Viewtopic.Highlight.Command.Execution
Description
It indicates an attempt to exploit a remote command execution vulnerability in phpBB.
It has been reported that the viewtopic.php script of phpBB is affected by an SQL injection vulnerability which may allow remote command execution. This vulnerability is caused by improper sanitizing of user-supplied input for the highlight parameter of the affected script.
This is the vulnerability which is being exploited by Santy.A worm.
Affected Products
Any unprotected phpBB version 2.0.10 and prior is vulnerable.
Impact
A remote attacker could execute arbitrary commands on the target system.
Recommended Actions
If a FortiGate with FortiOS 2.80 or above is used, select "Reset Server" as the default action for the signature.
Apply appropriate patches or upgrade the application to the latest non-vulnerable version.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-08-15 | 21.373 | Sig Added |
| 2020-04-06 | 15.811 | Sig Added |
| 2020-03-19 | 15.799 | Sig Added |
| 2020-03-17 | 15.797 | Sig Added |
| 2019-11-22 | 15.729 | Name:PHPBB. Viewtopic. Highlight. Command. Execution:phpBB. Viewtopic. Highlight. Command. Execution |
| ID | 12507 |
| Created | Sep 11, 2006 |
| Updated | Aug 12, 2022 |
| Risk |
|
| CVE ID | CVE-2004-1315 |
| Exploit Prediction Score | 96.27% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, Solaris, MacOS |
| Affected App | PHP_app |