12 matches found
LupperA XMLRPC Propagation Request Code Execution - Ver2 (CVE-2005-1921)
A code execution vulnerability has been reported in Pear XML RPC. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Debian Security Advisory DSA 789-1 (php4)
The remote host is missing an update to php4 announced via advisory DSA 789-1. Several security related problems have been found in PHP4, the server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1751 Eric Roman...
CentOS 3 / 4 : php (CESA-2005:748)
Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RP...
GLSA-200508-13 : PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability
The remote host is affected by the vulnerability described in GLSA-200508-13 PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses wit...
PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability
Background The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations of the XML-RPC protocol. Description Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags...
RHEL 4 : php (RHSA-2005:748)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:748 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RPC Server package...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RP...
CVE-2005-2498
PHPXMLRPC
SUSE-SA:2005:041: php/pear XML::RPC
The remote host is missing the patch for the advisory SUSE-SA:2005:041 php/pear XML::RPC. A bug in the PEAR::XMLRPC library allowed remote attackers to pass arbitrary PHP code to the eval function. The updated php packages fix the XML::RPC bug, however several third party PHP packages include a...
GLSA-200507-01 : PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
The remote host is affected by the vulnerability described in GLSA-200507-01 PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability James Bercegay of GulfTech Security Research discovered that the PEAR XML-RPC and phpxmlrpc libraries fail to sanatize input sent using the 'POST' method. Impac...
PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
Background The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations of the XML-RPC protocol. Description James Bercegay of GulfTech Security Research discovered that the PEAR XML-RPC and phpxmlrpc libraries fail to sanatize input sent using the "POST" method. Impact A remote attacker...
PT-2005-2876 · Egroupware +10 · Egroupware +10
Name of the Vulnerable Software and Affected Versions: PEAR XML RPC versions 1.3.0 and earlier PHPXMLRPC versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement...