Intrusion Prevention

Osprey.GetRecord.PHP.Remote.File.Inclusion

Description

It indicates a possible exploit of a remote file inclusion vulnerability in ibiblio Osprey that may allow remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameters in the GetRecord.php script.

Affected Products

ibiblio Osprey 1.0

Impact

system compromise.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://osprey.ibiblio.org/

CVE References

CVE-2006-6631