
Attack: TestLink Arbitrary PHP File Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the arbitrary upload of a PHP file in TestLink 1.9.3.

Additional Information

Arbitrary files can be uploaded by a user with any role. User registration is enabled by default.

File names are randomized with 'md5(uniqid(rand(), true))' and the files are stored as '/testlink-1.9.3/upload_area/nodes_hierarchy/(id)/([a-f0-9]{32}).ext', so the original extension is preserved while the base name becomes 32 hex characters.

By combining the arbitrary file upload with SQL injection it is possible to execute the uploaded PHP file.
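A defender-side check that follows from the storage layout above, added here as an example (it is not Symantec's signature logic nor TestLink's code): walk upload_area/nodes_hierarchy/(id)/ and flag stored attachments that carry a PHP extension or that contain a PHP open tag under a harmless extension. The directory layout and name pattern come from the description; the set of PHP-handled extensions and the sample tree are assumptions constructed for the demonstration.

```python
# Added example: audit TestLink's upload_area for stored PHP attachments.
import os
import re
import tempfile

# Stored names follow md5(uniqid(rand(), true)) plus the original extension.
STORED_NAME = re.compile(r"^[a-f0-9]{32}\.(?P<ext>[A-Za-z0-9]+)$")
# Assumption: extensions a typical Apache/PHP setup hands to the interpreter.
PHP_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)

def audit_upload_area(root):
    """Return a list of (node_id, filename, reason) for suspicious stored files."""
    findings = []
    hierarchy = os.path.join(root, "nodes_hierarchy")
    for node_id in sorted(os.listdir(hierarchy)):
        node_dir = os.path.join(hierarchy, node_id)
        if not os.path.isdir(node_dir):
            continue
        for name in sorted(os.listdir(node_dir)):
            path = os.path.join(node_dir, name)
            m = STORED_NAME.match(name)
            if m is None:
                findings.append((node_id, name, "name does not match TestLink pattern"))
                continue
            if m.group("ext").lower() in PHP_EXTS:
                findings.append((node_id, name, "php extension"))
                continue
            with open(path, "rb") as fh:  # content check for disguised PHP
                if PHP_TAG.search(fh.read(4096)):
                    findings.append((node_id, name, "php tag in non-php extension"))
    return findings

def build_sample_tree():
    """Constructed sample upload_area (not real data) for an offline run."""
    root = tempfile.mkdtemp()
    node = os.path.join(root, "nodes_hierarchy", "42")
    os.makedirs(node)
    files = {
        "0" * 32 + ".txt": b"plain attachment",
        "a" * 32 + ".php": b"<?php echo 1; ?>",
        "b" * 32 + ".jpg": b"<?php echo 2; ?>",
        "notes.pdf": b"%PDF-1.4",
    }
    for name, body in files.items():
        with open(os.path.join(node, name), "wb") as fh:
            fh.write(body)
    return root
```

Running audit_upload_area(build_sample_tree()) reports the .php file, the .jpg carrying a PHP tag, and the file whose name does not fit TestLink's own naming scheme.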

Affected

  • TestLink 1.9.3