Site legit file image_upload.php was used to upload file 89471928047.php.jpg, which was a simple file upload form that copies the tmp file to the same images fo
The problem is caused by your server using the default /etc/httpd/conf.d/php.conf:
rpm -ql php-5.1.6-39.el5_8
/etc/httpd/conf.d/php.conf
/usr/lib64/httpd/modules/libphp5-zts.so
/usr/lib64/httpd/modules/libphp5.so
/var/lib/php/session
/var/www/icons/php.gif
The content of /etc/httpd/conf.d/php.conf is:
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
LoadModule php5_module modules/libphp5.so
# Use of the "ZTS" build with worker is experimental, and no shared
# modules are supported.
LoadModule php5_module modules/libphp5-zts.so
#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php5-script .php
AddType text/html .php
Please note the last line, AddHandler php5-script .php. This is causing that problem and needs to be replaced with a more secure configuration.
You can read more about it and how to apply a fix here (see last reply):
http://core.trac.wordpress.org/ticket/11122
Also see this:
https://bugzilla.redhat.com/show_bug.cgi?id=885839
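
An added example, not part of the original answer: a simplified Python model of why AddHandler php5-script .php lets 89471928047.php.jpg run as PHP, usable as an audit over an upload directory listing. The function names are hypothetical, and the FilesMatch/SetHandler form is assumed here as the "more secure configuration"; the sample file names other than the one from the question are constructed.

```python
import re

# Mapping created by "AddHandler php5-script .php" in php.conf.
ADD_HANDLER = {"php": "php5-script"}

# Assumed stricter replacement: a FilesMatch section whose pattern only
# matches names that END in .php, with SetHandler php5-script inside it.
FILES_MATCH = re.compile(r"\.php$")


def handler_with_addhandler(filename, mapping=ADD_HANDLER):
    """Simplified mod_mime model: every dot-separated extension is looked up."""
    handler = None
    # The first component is the base name; all later ones are extensions.
    # mod_mime compares extensions case-insensitively.
    for ext in filename.lower().split(".")[1:]:
        if ext in mapping:
            handler = mapping[ext]  # .jpg maps to a MIME type, not a handler
    return handler


def handler_with_filesmatch(filename):
    """Model of the FilesMatch form: only the end of the name is tested."""
    return "php5-script" if FILES_MATCH.search(filename) else None


def audit(filenames):
    """Names PHP would execute under AddHandler but not under FilesMatch."""
    return [name for name in filenames
            if handler_with_addhandler(name) and not handler_with_filesmatch(name)]


# Constructed listing of an images folder, plus the file from the question.
SAMPLE_LISTING = [
    "89471928047.php.jpg",
    "photo.jpg",
    "index.php",
    "notes.php.txt",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for name in audit(SAMPLE_LISTING):
        print("executes as PHP under AddHandler:", name)
```

Run the same audit over the real upload directory listing to find files that were executable under the default php.conf.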