GLSA
Veteran
Joined: 12 May 2004
Posts: 1303
|
 Posted: Wed Aug 24, 2005 9:11 am Post subject: [ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script i |
 |
|
Gentoo Linux Security Advisory
Title: PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability (GLSA 200508-13)
Severity: high
Exploitable: remote
Date: August 24, 2005
Bug(s): #102378, #102576
ID: 200508-13
Synopsis
The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute arbitrary PHP script commands.
Background
The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations of the XML-RPC protocol.
Affected Packages
Package: dev-php/PEAR-XML_RPC
Vulnerable: < 1.4.0
Unaffected: >= 1.4.0
Architectures: All supported architectures
Package: dev-php/phpxmlrpc
Vulnerable: < 1.2-r1
Unaffected: >= 1.2-r1
Architectures: All supported architectures
Description
Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags.
Impact
A remote attacker could exploit this vulnerability to inject arbitrary PHP script code into eval() statements by sending a specially crafted XML document to web applications making use of these libraries.
Workaround
There are no known workarounds at this time.
Resolution
All PEAR-XML_RPC users should upgrade to the latest available version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-XML_RPC-1.4.0" |
All phpxmlrpc users should upgrade to the latest available version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/phpxmlrpc-1.2-r1" |
References
CAN-2005-2498
Hardened-PHP 14/2005 Advisory
Hardened-PHP 15/2005 Advisory
Last edited by GLSA on Sun May 07, 2006 4:58 pm; edited 1 time in total |
|
News & Announcements
