1
LazyBadger
PHPXMLRPC Remote PHP Code Injection Vulnerability

Does this advisory applicable for XOOPS?
Quis custodiet ipsos custodes?

Webmaster of
XOOPS2.RU
XOOPS Modules Proving Ground
XOOPS Themes Exhibition

2
Mithrandir
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability

"When you can flatten entire cities at a whim, a tendency towards quiet reflection and seeing-things-from-the-other-fellow's-point-of-view is seldom necessary."

Cusix Software

3
LazyBadger
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability

Mth, sorry, by... in order to be clean
1/ 2.13 relesed 2.07, hardened-PHP have in timeline first note "22. July 2005 - Contact with both library vendors established."
2/ Secunia references to CAN-2005-2112, CAN-2005-2113
hardened-PHP - CAN-2005-2498
3/ I see this note:
Quote:
After Gulftech released their PHP code injection advisory in the end of June 2005 we sheduled the code for an audit from our side.
Unfortunately we were able to find another vulnerability in the XML-RPC libraries that allows injection of arbitrary PHP code into eval() statements.

4/ FYI - Drupal has fresh releases for eliminating CAN-2005-2498, Xaraya recommends disable users XMLRPC module, while 1.0RC3, relesed Jul 10, 2005 already have fixes for "Security fixes and checks for recent XML-RPC exploits"

I prefer sometimes be "more royalist than rex"
Quis custodiet ipsos custodes?

Webmaster of
XOOPS2.RU
XOOPS Modules Proving Ground
XOOPS Themes Exhibition

4
LazyBadger
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability

?
Quis custodiet ipsos custodes?

Webmaster of
XOOPS2.RU
XOOPS Modules Proving Ground
XOOPS Themes Exhibition

5
skalpa
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability
  • 2005/8/24 15:53

  • skalpa

  • Quite a regular

  • Posts: 300

  • Since: 2003/4/16


Quote:
Application: PHPXMLRPC <= 1.1.1


Our XMLRPC class is not PHPXMLRPC, we use another implementation (which doesn't use eval).

It doesn't concern XOOPS...

skalpa.>
Any intelligent fool can make things bigger, and more complex. It takes a touch of genius, a lot of courage, to move in the opposite direction.
Two things are infinite: the universe and human stupidity; and I'm not sure about the 1st one (A.Einstein)

6
giba
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability
  • 2005/8/24 16:56

  • giba

  • Just can't stay away

  • Posts: 638

  • Since: 2003/4/26


Any module that is using the function eval() of php will go to have security problems?

7
skalpa
Re: PHPXMLRPC Remote PHP Code Injection Vulnerability
  • 2005/8/24 18:55

  • skalpa

  • Quite a regular

  • Posts: 300

  • Since: 2003/4/16


Quote:
Any module that is using the function eval() of php will go to have security problems?


No... eval() like some other PHP functions is just potentially dangerous.
If you are sure the code you give to eval() is safe, there should be no problem.
However if you try to eval() external data, then people may be able to send malicious code to it

So: it is not always dangerous, but it can become a big hole if you do not take care of what you are doing.

skalpa.>
Any intelligent fool can make things bigger, and more complex. It takes a touch of genius, a lot of courage, to move in the opposite direction.
Two things are infinite: the universe and human stupidity; and I'm not sure about the 1st one (A.Einstein)

Login

Who's Online

227 user(s) are online (127 user(s) are browsing Support Forums)


Members: 0


Guests: 227


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits