Think you have a false positive on this rule?

Sid 1-51578

Message

SERVER-WEBAPP PHP http fopen stack buffer overflow attempt

Summary

This event is generated when a PHP http fopen stack buffer overflow attempt is detected.

Impact

Attempted User Privilege Gain

Detailed information

Affected systems

  • PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2

Ease of attack

False positives

False negatives

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • CVE-2018-7584
  • php.net/ChangeLog-7.php