Intrusion Prevention

PHP.AppServ.appservroot.Remote.File.Inclusion

Description

It indicates a possible exploit of Remote File Include vulnerability in appserv/main.php in AppServ that may allow remote attackers to include arbitrary files via the appserv_root parameter. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process leading to unauthorized access.

Affected Products

AppServ Open Project 2.4.5

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate patch to the system from the vendor if available. If patch is not available, change action to drop_session without affecting legitimate traffic for blocking further attacks.

CVE References

CVE-2006-0125