|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200507-01] PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability Vulnerability Scan
Vulnerability Scan Summary PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200507-01
(PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability)
James Bercegay of GulfTech Security Research discovered that the
PEAR XML-RPC and phpxmlrpc libraries fail to sanatize input sent using
the "POST" method.
Impact
A remote attacker could exploit this vulnerability to execute
arbitrary PHP script code by sending a specially crafted XML document
to web applications making use of these libraries.
Workaround
There are no known workarounds at this time.
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1921
http://www.gulftech.org/?node=research&article_id=00088-07022005
Solution:
All PEAR-XML_RPC users should upgrade to the latest available
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-XML_RPC-1.3.1"
All phpxmlrpc users should upgrade to the latest available
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/phpxmlrpc-1.1.1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|