• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHPPing Remote Command Execution Vulnerability

A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems.

The vulnerability exists in the index.php script file. Some variables are not properly sanitized of malicious shell metacharacters. An attacker can exploit this vulnerability by executing the PHPPing script and include malicious shell metacharacters as values for various parameters.