|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-02-18 | |
| Rule Name: | PAJAX Remote Command Execution Vulnerability (CVE-2006-1551) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:17519 http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0270.html http://www.redteam-pentesting.de/advisories/rt-sa-2006-001.php http://www.securityfocus.com/archive/1/431029/100/0/threaded |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://download.auberger.com/pajax-0.5.2.zip |