|
|||
Rule General Information |
---|
Release Date: | 2024-01-04 | |
Rule Name: | Perl Code Injection Detection - Command Execution Function 1 | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | The code injection vulnerability is caused by the application's lax filtering of user input. An attacker can inject code into the server where the application is running, executing the injected code remotely. This rule is used to detect suspicious Perl command execution functions in HTTP requests. | |
Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
Affected OS: | Other Unix, FreeBSD, Linux | |
Reference: | SecurityFocusBID:98893 ExploitDB:42251 SecurityTrackerID:1038785 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170621_00 |
|
Solutions |
---|
Update vendor's patch. |