GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Wed Aug 24, 2005 9:11 am Post subject: [ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script i |
|
|
Gentoo Linux Security Advisory
Title: PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability (GLSA 200508-13)
Severity: high
Exploitable: remote
Date: August 24, 2005
Bug(s): #102378, #102576
ID: 200508-13
Synopsis
The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute
arbitrary PHP script commands.
Background
The PEAR XML-RPC and phpxmlrpc libraries are both PHP
implementations of the XML-RPC protocol.
Affected Packages
Package: dev-php/PEAR-XML_RPC
Vulnerable: < 1.4.0
Unaffected: >= 1.4.0
Architectures: All supported architectures
Package: dev-php/phpxmlrpc
Vulnerable: < 1.2-r1
Unaffected: >= 1.2-r1
Architectures: All supported architectures
Description
Stefan Esser of the Hardened-PHP Project discovered that the PEAR
XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC
requests and responses with malformed nested tags.
Impact
A remote attacker could exploit this vulnerability to inject
arbitrary PHP script code into eval() statements by sending a specially
crafted XML document to web applications making use of these libraries.
Workaround
There are no known workarounds at this time.
Resolution
All PEAR-XML_RPC users should upgrade to the latest available
version:
Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-XML_RPC-1.4.0" |
All phpxmlrpc users should upgrade to the latest available
version:
Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/phpxmlrpc-1.2-r1" |
References
CAN-2005-2498
Hardened-PHP 14/2005 Advisory
Hardened-PHP 15/2005 Advisory
Last edited by GLSA on Sun Nov 03, 2013 4:20 am; edited 3 times in total |
|