admin
06-30-2005, 01:12 AM
HIGHLY CRITICAL
http://secunia.com/advisories/15852/
http://forum.hardened-php.net/viewtopic.php?id=9
Description:
A vulnerability has been reported in XML-RPC for PHP, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error, which can be exploited to execute arbitrary PHP code via an application using the vulnerable library.
Solution:
Use another product.
Provided and/or discovered by:
James, GulfTech Security Research.
Original Advisory:
http://news.postnuke.com/modules...ws&file=article&sid=2699 (http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2699)
Description:
A vulnerability has been reported in PostNuke, which can be exploited by malicious people to compromise a vulnerable system.
For more information:
SA15852 (http://secunia.com/SA15852/)
The vulnerability has been reported in version 0.760 and prior.
Solution:
The vendor recommends removing the XML-RPC library.
http://news.postnuke.com/modules...ws&file=article&sid=2699 (http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2699)
Provided and/or discovered by:
The vendor credits James, GulfTech Security Research.
Other References:
SA15852:
http://secunia.com/advisories/15852/
http://secunia.com/advisories/15852/
http://forum.hardened-php.net/viewtopic.php?id=9
Description:
A vulnerability has been reported in XML-RPC for PHP, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error, which can be exploited to execute arbitrary PHP code via an application using the vulnerable library.
Solution:
Use another product.
Provided and/or discovered by:
James, GulfTech Security Research.
Original Advisory:
http://news.postnuke.com/modules...ws&file=article&sid=2699 (http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2699)
Description:
A vulnerability has been reported in PostNuke, which can be exploited by malicious people to compromise a vulnerable system.
For more information:
SA15852 (http://secunia.com/SA15852/)
The vulnerability has been reported in version 0.760 and prior.
Solution:
The vendor recommends removing the XML-RPC library.
http://news.postnuke.com/modules...ws&file=article&sid=2699 (http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2699)
Provided and/or discovered by:
The vendor credits James, GulfTech Security Research.
Other References:
SA15852:
http://secunia.com/advisories/15852/